In  store  from  Cisco 

Cisco  uncrates  RFID  software  and  powers  up  small- 
business  routers  and  switches. 

PAGES  16  and  26. 


Oracle's  binge 

Oracle’s  Siebel  buy  —  its  ninth  major  purchase  this 
year  —  gives  the  company  a  massive  integration  task. 

PAGE  31. 


Down  at  the  desktop 

Client  system  diversity  represents  a  major  management 
challenge  for  users. 

PAGE  36. 
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With  its  Gulfport  headquarters  destroyed,  300  of  Mississippi  Power's 
employees  now  work  from  mobile  offices  connected  via  satellite  and  Void, 


- ®  WIderNet 

Weathering  Katrina 

Three  IT  organizations  share  their  storm  stories. 


BY  PHIL  HOCHMUTH 

As  Hurricane  Katrina  swept  over  New  Orleans,  Ochsner  Hospital  stayed  open.  But  it  was  get¬ 
ting  hot  inside.  With  two  of  three  generators  down,  fans  were  brought  out  to  cool  patients  in 
the  95-plus-degree  heat  after  air  conditioning  failed.  And  as  temperatures  topped  150  degrees 
inside  critical  computer  and  network  equipment,  Kurt  Induni.the  hospital’s  network  services 
manager,  had  a  call  to  make. 

“We  decided  after  we  went  down  to  one  generator  to  shut  all  critical  patient  care  systems  down,” 
Induni  says.“We  didn’t  want  to  take  more  power  than  we  needed.  It’s  kind  of  odd  to  say  but  we  shut 

down  the  patient  care  systems  first  to  protect  them  for  after  the  _ _ , 

storm  was  over,  when  we  would  need  them  most.” 

To  conserve  power  for  critical  patient  life  support  and  other 
medical  gear,  hospital  staff  shut  down  the  mainframe  that  runs  the 

See  Katrina,  page  20 
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How  volunteer  efforts  by 
network  experts  are  making 
a  difference. 


EBay  bid  shows 
promise  of  VoIP 

This  week’s  VON  event  puts 
spotlight  on  services. 


BY  TIM  GREENE,  PHIL  HOCHMUTH 
AND  DENISE  PAPPALARDO 

The  $2.6  billion  purchase  of 
Skype  last  week  by  eBay  further 
cements  VoIP  as  an  industry-alter¬ 
ing  business  technology 

The  deal  raises  the  public  pro¬ 
file  of  VoIP  just  as  Fall  VON  2005 
opens  its  doors  this  week  in 
Boston,  where  service  providers 
will  grapple  with  what  IP  voice 
services  they  should  offer  to  keep 
competitive  and  what  equipment 
they  need  to  support  them. 

Now  in  its  ninth  year,  the  show 
has  grown  dramatically,  drawing 
crowds  in  both  Boston  and 


Northern  California  at  six-month 
intervals.  Last  year’s  Boston  show 
took  up  70,000  square  feet  of  floor 
space,  and  this  year’s  will  occupy 
120,000  square  feet  to  accommo¬ 
date  an  increase  in  exhibitors 
from  200  to  330.  Attendance  is  ex¬ 
pected  to  jump  from  5,000  to 
7,500,  show  sponsors  say 
Meanwhile,  eBay  is  showing  the 
potential  of  VoIP  and  related  IP 
communications  that  other  busi¬ 
nesses  and  service  providers 
might  imitate.  EBay  plans  to  com¬ 
bine  with  Skype  to  offer  its  cus¬ 
tomers  ways  to  make  transactions 
See  VoIP,  page  72 


Customers  buoyed  by  Microsoft  direction 


BY  JOHN  FONTANA 

LOS  ANGELES  —  End  users  say 
security  management  and  inter¬ 
face  upgrades  that  Microsoft  is 
building  into  the  next  versions  of 
its  client  operating  system  and 
Office  suite  appear  to  make  a 


compelling  case  to  consider  up¬ 
grades  when  the  software  ships 
late  next  year. 

At  its  Professional  Developer’s 
Conference  (PDC)  last  week, 
Microsoft  tried  to  reassert  the 
importance  of  its  core  technolo¬ 


gies  by  displaying  its  Windows 
Vista  client  operating  system, 
Office  12  suite  and  Longhorn 
Server.  It  also  enticed  developers 
with  new  tools  to  build  feature- 
rich  applications  to  complement 
the  foundation  components. 

Microsoft  highlighted  a  number 
of  tools  for  traditional  developers, 
including  the  forthcoming  Visual 
Studio  2005.  It  also  showed  off  its 
new  Expression  suite  for  design¬ 
ers  to  build  slick  interfaces,  and 
tools  for  end  users  to  share  and 
route  files. 

The  software  giant  hopes  the 
tools  will  spur  developers  to  tap 
into  the  platform’s  improvements, 
including  a  common  workflow 

See  Microsoft,  page  18 


it’s  Hitachi  Data  Systems  talking  about? 
1  out  more  inside  or  at  www.hds.com/talk 


HITACHI 

DATA  SYSTEMS 


An  exclusive  look 

at  the  hottest  enterprise 

products  being  unveiled  this  week  at 
DemoFall,  where  vendors  are  focusing 
heavily  on  security  and  business 
continuity.  Of  course,  DemoFall  is  also 
about  what’s  cool,  and  Cool  Tools 
editor  Keith  Shaw  provides  an 
advance  look  at  some  of  those 
products.  Page  50 
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Sara  knew  her  company  needed  something  outre  than  a  mere  copier. 
So  they  chose  the  new  (.'anon  image Rl  \.\/  /(  6570  that  does  it  all. 
That's  why  Sara's  company  needs  Sara. 


Sara's  company  isn’t  doing  business  as  usual.  What  about  your  company?  Some  say  an  you  need  is  a  mere  copier;  we  disagree.  With  the 

revolutionary  new  Canon  imageRUNNER*  70  Series,  you’ll  receive  state  of-the-art  technology  with  reliable  high-speed  scanning,  copying,  printing, 
fax  capabilities,  even  Internet  access.  All  of  our  products  have  proven  new  engines,  not  to  mention  robust  software  offerings  such  as  Express  Copy, 
Universal  Send  "  and  eCopy  ShareScan  OP.’  which  provide  users  with  the  ability  to  scan  and  share  documents  with  any  destination.  Thanks  to 
Canon’s  MEAP  technology,  their  (unctions  can  be  tailored  for  your  specific  business  needs.  And  with  their  advanced  security  features,  your  documents  and 
uset  information  are  protected,  giving  you  some  well-deserved  peace  of  mind.  Now  you  can  truly  expand  the  potential 
of  your  workday  And  that’s  not  business  as  usual.  1-800-OK-CANON  www.imagerunner.com 


Canon 

imageANYWARE 


As  Patti  observed  the  new  Canon  Color-enabled  image  RUNNER, 
her  new  mantra  became,  “ black-and-white  and  occasional 
color  printing  is  now  affordable.” 


atti  s  company  isn't  doing  business  as  usual.  What  about  your  company?  Yes,  thanks  to  the  Canon  Coior-enabled  imageRUNNER® 
0170  Series,  you  can  actually  add  a  few  pages  of  color  to  your  usual  black-and-white  printing  when  you  need  it  more  affordably  than  before. 
T  e  result  is  eye-catching  documents  and  more  effective  presentations.  This  state-of-the-art  imageRUNNER  also  works  with  our  latest  robust  software 
offerings,  including  Express  Copy,  Color  Universal  Send"  and  eCopy  ShareScan  OP,-  allowing  users  to  scan  and  share  documents  with  any 
destination.  Ali  of  this  while  giving  you  the  dependability  you  expect  from  the  Canon  imageRUNNER  line  with  the 
latest  technology  available.  It’s  yet  another  example  of  expanding  the  potential  of  your  workday.  And  no  longer 

doing  business  as  usual.  1-800-OK-CANON  www.imagerunner.com  1 1  1 1 
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The  new  (.'anon  image  R  l  A  A  h'R  solutions  mid  support  addressed 
Don's  concerns  about  seamless  network  integration,  secured  printing 
and  managing  network  devices.  Hence,  Don's  no  longer  concerned. 


Don’s  company  isn’t  doing  business  as  usual.  What  about  your  company?  We’re  we  aware  ot  /our  d  /  cha  en^es  as  the  gatekeeper 

of  your  company’s  network.  And  we  totally  understand.  That's  why  Canon’s  imageRUNNER  solutions  are  raising  the  bar  for  how  well  network  devices 
work,  and  how  seamlessly  they're  integrated.  You’ll  appreciate  enhanced  security  features  that  include  a  secured  print  function  for  document 
confidentiality,  user  authentication.  NetSpot  and  Remote  ur  for  easily  managing  network  devices.  In  addition,  you  get  entirely  new  systems 
across  our  full  line  of  imageRUNNER  solutions,  which  offer  intuitive  technology  that  works  with  you.  not  against  you. 

ilso  expect  your  current  ime  >  'k  ||  4  v  || 
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imageRUNNER  5570 


The  entire  department  heard  Bob  exclaim,  “Cool!”  as  he  used 
the  Web  browser  on  the  new  imageRUNNER  6570  to  access 
and  print  his  company’s  4th  quarter  sales  results. 


Bob’s  company  isn’t  doing  business  as  usual.  What  about  your  company?  While  “coo!”  definitely  applies  to  the  new  Canon  imageRUNNER®70  Series, 
“groundbreaking”  is  more  apt.  Both  the  imageRUNNER  6570  and  imageRUNNER  5570  have  the  industry’s  first  embedded  Web  access  function  -  in 
other  words,  a  full-size  user  interface  panel  that  actually  lets  you  call  up  Internet  or  intranet  data  without  the  use  of  a  PC,  right  from  the  device. 
Once  you’ve  done  that,  you  can  print  the  forms  and  documents  you  need  to  work  more  efficiently  and  productively.  Of  course,  there  are  a  host  of 
other  great  features  that  help  expand  the  potential  of  your  workday.  And  that’s  definitely  not  business  as  usual. 


1-8QO-OK-CANON  www.imagerunner.com 


Canon 


Canon  and  IMAGERUNNER  are  registered  trademarks  of  Canon  Inc.,  in  the  United  States  and  may  also  be  registered  trademarks  in  other  countries.  IMAGEANYWARE  is  a  trademark  of  Canon  U.S.A.,  Inc.  ©2005  Canon  U.S.A..  Inc  All  rights  reserved  Products  shown  with  optional  accessories. 
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DELIVER  A  MORE 
SECURE  W / 


A7 

ProCurve  by  HP’s  new  Secure  Router  7000dl  Series  is  an  edge-to-edge 
solution  designed  to  meet  the  security  and  convergence  challenges  of 
wide  area  networks.  It  links  your  headquarters  and  branch  offices  no 
matter  how  remote.  And  it  delivers  what  you’ve  come  to  expect  from 
ProCurve — high  performance,  choice,  reduced  complexity  and  reliability 
backed  by  a  lifetime  warranty — all  at  an  impressively  affordable  price.  It's 
the  newest  addition  to  a  growing  set  of  secure  ProCurve  Networking  solutions. 
Expect  more  security  from  your  network.  Expect  it  more  affordably. 


Find  out  how  to  meet  the  security  demands  of  WAN. 

Visit  the  Web  site  below  for  the  latest  7000dl  Series  promotions 
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ProCurve  SECURE  ROUTER: 

7000dl  SERIES 

•  Open  standards  for  simplified  integration 

•  Externa!  flash  ports  for  easier  setup 

•  Modular  design  for  adapting  to  change 

•  Lifetime  warranty* 

-y.  '•&>  :yc;v:r;;^ 


ProCurve  Networking 

HP  Innovation 


CALL  800-975-7684  Ref  Code  55  CLICK  www.hp.com/learn/procurve5  VISIT  your  local  HP  reseller 

‘Lifetime  warranty  applies  to  all  ProCurve  Products,  excluding  the  ProCurve  routing  switch  9300m  Series  and  Secure  Access  700wl  Series,  which  have  a  oneyear  warranty  with  extensions  available.  ©2005  Hewlett-Packard  Development  Company,  U? 
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10  Continuous  data  protection  finds  supporters. 
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12  Yipes  scales  Ethernet  service. 
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16  ConSentry  controls  'Net  access. 

16  Cisco  targets  SMBs  with  convergence. 

18  Microsoft  looks  to  secure  digital  IDs. 

72  Shavlik  adds  anti-spyware. 
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patches. 
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e-mail, 
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45  Security  technology  targets  the 
LAN. 
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required:  Your  comments. 
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from  within. 
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Strategies 

60  Companies  check  up  on  IT  vendors: 

United  Parcel  Service  and  General 
Motors  delegate  formal  responsibility 
for  vendor  relationship  management 
to  ensure  successful  outcomes, 


COOLTOOLS 

The  MacGyver  watch  does  more 
than  tell  time  -  it  also  comes  with 
an  MP3  player,  a  five-mode  audio 
equalizer  and  a  voice 
recorder.  Page  46. 
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An  exclusive  look 

at  the  hottest,  most  exciting 
enterprise  products  being 
unveiled  this  week  at  DemoFail. 
Vendors  looking  for  hit  products 
and  services  are  focusing  heav¬ 
ily  on  security  and  business 
continuity.  Of  course,  DemoFail 
is  also  about  what’s  cool,  and 
Cool  Tools  editor  Keith  Shaw 
provides  an  advance  look  at 
some  of  those  products. 
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EasyReach  Results  (1 


Confirmation  Number:  9TCQV: 
9/9/200S  2:59-54  PM  -  1SK 
Outlook/Personal  Folders/lnb 


05  Maui  Vacation 

Confirmation  Number  31PKV2 
9/9/2005  2  37:19  PM  -  4742 
Outlook/Per  sonal  Folder  s/lnbo 
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Sector  Spotlight:  Managed  Ethernet  hits  campus  networks: 
Education's  distributed,  high-bandwidth  requirements  make  it 
a  natural  for  managed  Ethernet  services.  Page  56. 
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Anti-spam  Buyer's  Guide 

Get  the  latest  information  on  anti¬ 
spyware  offerings  from  more  than 
two-dozen  vendors  in  our  continual¬ 
ly  updated  guide.  DocFinder:  8930 

Podcast:  Mesh  networks  provide  'Net 
access  to  buses 

Motorola's  Rick  Rotondo  details  the  new 
wireless  network  rollout  in  Cedar 
Rapids,  Iowa,  that  provides  security, 
entertainment  and  Internet  access  to 
city  buses  DocFinder:  8931 

2005  Salary  Calculator 

Are  you  making  what  you're  worth? 
Register  free  and  find  out  how  your 
compensation  compares  to  that  of  your 
peers.  DocFinder:  8121 

AWiderNet 

If  you've  missed  any  of  our  weekly  stones 


that  go  beyond  the  speeds  and  feeds  of 
the  network  and  IT  industries  —  such 
as  a  look  at  the  nation's  elite  science  and 
technology  hgh  school  or  stories  of  mar" 
ried  net  pros  —  check  out  the  Wider 
Net  archive,  DocFiider.  8932 

Katrina's  aftermath  news  — The  IT 
perspective 

Every  day  we  aggregate  the  latest  IT- 
related  Katrina  cleanup  news,  See  how 
much  network  repair  will  cost  wireless 
providers,  the  benefits  of  text  messag¬ 
ing  and  much  more.  DocFinder  8831 

Letters  to  the  editor 

Every  week  we  receive  more  letters 
than  we  have  space  —  to  print.  Head 
online  to  see  what  readers  say  about 
Intel's  Wi-R  focus,  the  importance  of 
improving  ROI,  net  security  problems 
and  more.  DocFinder  8933 


Online  help  and  advice 

IT  Borderlands 

Ken  Fasimpaur  hosts  a  guest  column 
by  author  Penelope  Trunk,  who  says: 
“Here  is  a  message  for  people  who 
say  they  can't  stomach  office  poli¬ 
tics:  You  will  die  a  slow,  painful 
career  death,"  DocFinder  8934 

Small  Business  Tech 

Get  on  the  IM-voice  bandwagon: 


Seminars  and  events 

Security:  Preventing  attacks  on  applications  and  data 

This  is  the  Technology  Tour  and  Expo  hackers  don't  want  you  to  attend.  Learn 
about  products  and  strategies  that  protect  your  core  secrets  without  hindering 
communication  or  the  flow  of  information  between  authorized  users.  Qualify  now 
and  attend  free. 

DocFinder  8937 


Columnist  James  Gaskin  on  why  eBay 
and  Skype  will  change  online  marketing. 

DocFinder  8935 

Home  LAN  Adventures 

Office  move  means  adding  a  print 
server:  Keith  Shaw  looks  at  the  benefit 
of  adding  a  print  server  to  his  home 
network. 

DocFinder  8936 


Clear  Choice  Test:  Coradiant's 
TrueSight  provides  insight  into 
Web  performance.  Page  58. 


BREAKING  NEWS 

Go  online  for  breaking  news  every  day.  DocFinder:  1001 
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Free  e-mail  newsletters 

Sign  up  for  any  of  more  than  40  newsletters  on  key  network  topics. 

DocFinder.  1002 


What  is  DocFinder? 

We’ve  made  it  easy  to  access  articles  and  resources 
online.  Simply  enter  the  four-digit  DocFinder  number  in 
the  search  box  on  the  home  page,  and  you’ll  jump  directly 
to  the  requested  information. 
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Microsoft,  AOL  said  to  be  in  talks 

■  Microsoft  is  considering  taking  a  stake  in  Time  Warner’s  America  Online  unit,  a 
move  that  could  have  significant  repercussions  in  the  competitive  market  of  con¬ 
sumer  Internet  content  and  services,  according  to  reports  published  last  week. 
Microsoft  and  Time  Warner  are  discussing  such  a  deal,  reports  say 
although  the  stage  of  the  negotiations  and  the  nature  of  a  subse¬ 
quent  partnership  are  being  characterized  in  conflicting  ways  by  dif¬ 
ferent  media  outlets.The  New  York  Post  describes  the  discussions  as 
“advanced”  and  involving  plans  to  combine  AOL  and  Microsoft’s 
MSN  Internet  unit.  The  Wall  Street  Journal  called  the  talks  “prelimi¬ 
nary”  and  said  they  are  part  of  a  broader  discussion  about  areas  in 
which  the  companies  can  collaborate.  Areas  of  collaboration  being 
considered  include  AOL  switching  from  using  Google’s  search  engine  to  using 
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TheGoodThiBaMheUgly 

Gleaning  up  Katrina  Web  sites.  The  u  s  has 

established  the  Hurricane  Katrina  Fraud  Task  Force  to  stamp  out 
fraudulent  Web  sites  and  other  efforts  to  exploit  the  generosity  of 
those  trying  to  help  victims  of  the  storm.  The  Justice  Department  has 
had  to  orchestrate  similar  efforts  in  the  wake  of  other  crisis  situa¬ 
tions,  such  as  the  9/11  terrorist  attacks. 

<  Weighing  the  benefits.  Mary 

Finlay,  deputy  CIO  at  Partners  Health  Care  System  in 
Boston,  says  her  organization  is  using  a  host  of  inno¬ 
vative  network-oriented  approaches  to  improve  health¬ 
care,  though  she  warned  that  some  projects  will  go 
awry  unless  careful  attention  is  paid  to  detail.  She 
described  an  effort  by  the  outfit  to  monitor  cardiology 
patients  at  home  via  cell  phones  and  medical  devices. 
When  one  patient  was  found  to  have  gained  20  pounds 
in  two  days  when  weighing  herself  at  home,  medical 
staff  became  alarmed  —  until  they  learned  that  she 
had  been  holding  her  dog  while  weighing  herself, 

Banged  up  in  Bangalore,  concerned  about 


MSN’s,  according  to  the  Journal. 

Cisco  refreshes  certification  program 

■  Cisco  is  revamping  its  skills  certification  program, 
dubbed  Cisco  Career  Certifications,  by  adding  training 
and  exam  tracks  to  the  Cisco  Qualified  Specialist 
security  certifications.  Starting  today  the  program  will 
have  a  new  course  lineup  and  exam  to  cover  Cisco’s 
growing  number  of  security  products,  including  intru¬ 
sion-prevention  systems  sensors,  the  Cisco  Security 
Agent,  VPN  Concentrator  and  the  Adaptive  Security 
Appliance.  The  new  courses  and  exams  will  still  be 
provided  by  Ciscos  training  partners,  including 
Thompson  Prometric  and  Pearson  Vue.  For  more  on 
this  topic,  read  this  week’s  Security  Research  Center 
notes  at  www.networkworld.com,  DocFinder:  8941 . 

Microsoft  adds  Vista  licensing  caveat 

■  Businesses  that  want  the  Enterprise  Edition  of 
Microsoft’s  forthcoming  Windows  Vista  operating  sys¬ 
tem  will  have  to  sign  up  for  its  Software  Assurance 
licensing  program,  the  company  announced  last 
week.  Software  Assurance,  introduced  in  2001,  encour¬ 
ages  customers  to  pay  an  annual  fee  to  use  Microsoft’s 

HI  COMPENDIUM 

Hey,  hey,  hey 

The  World  Intellectual  Property  Organiza¬ 
tion  has  ordered  some  guy  inTennesseeto 
hand  the  fatalbert.org  domain  to  Bill  Cosby, 
in  part  because  “it  is  undisputed"  that  Cosby 
and  Fat  Albert  enjoy  worldwide  fame  “includ¬ 
ing  in  the  United  States.”  Read  the  whole 
decision  at  www.networkworld.com, 
DocFinder:  8938. 


uote  0 

uote  o 

uote  o 


th 


ti 

t 


e  wee 

e  wee 

he  wee 


“Some  experts  say  IT  doesn’t 
matter,  others  say  it  does. 
There’s  a  new  book  coming 
out  this  spring  called  Experts 
don’t  matter!' 

Rick  Swanborg,  president  of  peer-to-peer  advisory  firm  Icex,  while 
moderating  a  panel  at  the  Society  for  Information  Management 
conference  last  week  in  Boston. 


software  rather  than  buying  licenses.  The  annual  fee 
includes  upgrades  plus  other  support  services.  The 
program  met  with  considerable  resistance  after  some 
analysts  said  customers  would  pay  more  under 
Software  Assurance  than  under  the  previous  licensing 
plan.  Microsoft  says  the  updates  “extend  the  value”  of 
Software  Assurance  beyond  a  typical  maintenance 
offering,  which  includes  only  support  and  upgrades, 
to  something  that  includes  access  to  support,  new 
product  versions  and  other  resources. 

Sprint  Nextel  puts  storm  tab  at  $200M 

■  Sprint  Nextel  last  week  announced  that  it  expects 
telecom  restoration  efforts  in  the  Gulf  region  to  cost 
between  $150  million  and  $200  million  through  the 
rest  of  the  year.  The  company  says  the  estimate 
includes  capital  and  operating  expenses  associated 
with  the  restoration  of  network  infrastructure,  retail 
stores  and  billing  relief  for  customers  that  were 
affected  by  Hurricane  Katrina.  BellSouth 
announced  last  week  that  telecom  restoration  fol- 


Bangalore,  India’s  deteriorating  infrastructure,  key  IT  companies  in  the 
city  have  threatened  to  boycott  an  annual  conference  and  exhibition  to 
be  hosted  by  the  local  state  government  in  October.  Bangalore's  pot- 
holed  roads  and  electricity  and  water  shortages  have  been  a  cause  of 
concern  for  about  five  years,  as  the  city  grapples  with  rapid  urbaniza¬ 
tion,  primarily  driven  by  the  offshoring  boom  to  the  city  by  U.S.  and 
European  companies. 


lowing  the  devastating  hurricane  could  cost  the 
local  telco  $600  million.  Sprint  Nextel  has  a  com¬ 
mand  center  in  Baton  Rouge,  La.,  that  it  calls  Sprint 
City  where  300  field  technicians,  engineers  and  sup¬ 
port  staff  are  working  to  restore  wireless  and  tradi¬ 
tional  telecom  services  in  the  Gulf  Region.  The  ser¬ 
vice  provider  says  more  than  90%  and  70%  of  its 
wireless  network  in  Mississippi  and  Louisiana, 
respectively  now  are  operational. 

Nortel  announces  WiMAX  partnerships 

■  Nortel  last  week  said  it  will  partner  with  Intel  and 
Airspan  Networks  to  offer  mobile  and  fixed  WiMAX 
wireless  products.  Nortel  said  working  with  these  two 
companies  is  expected  to  complement  work  already 
under  way  in  Nortel’s  joint  venture  with  LG 
Electronics  of  Korea.  LG  and  Nortel  are  creating  a 
jointly  owned  company  tentatively  called  LG-Nortel, 
that  will  combine  LG’s  telecom  infrastructure  busi¬ 
ness  and  Nortel’s  distribution  and  service  businesses 
in  South  Korea.  The  two  have  already  won  a  contract 
from  a  Korean  service  provider  for  equipment  to  sup¬ 
port  a  mobile  broadband  service  based  on  High- 
Speed  Downlink  Packet  Access.  LG-Nortel  is  also 
working  on  IEEE  802.16e-based  WiMAX  and  Wireless 
Broadband  products.  Nortel  said  its  WiMAX  products 
will  be  designed  to  let  wireless  and  wireline  carriers, 
cable  providers,  media  companies  and  other  ISPs 
deliver  broadband  connectivity  to  consumer  and  cor¬ 
porate  users  by  using  existing  networks  and  last-mile 
wireless  links. 
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Continuous  data  protection  finds  supporters 


BY  DENI  CONNOR 

Demand  for  continuous  data  protection 
is  growing  as  more  businesses  realize  they 
not  only  need  to  back  up  the  data  on  their 
networks  as  changes  are  made  but  also  be 
able  to  recover  that  data  quickly  Nearly 


every  storage  vendor  has  acknowledged 
developing  a  continuous  or  near-continu¬ 
ous  data  protection  scheme  for  retrieving 
even  the  most  recently  saved  data. 

“All  the  offerings  share  the  common 
good  of  dramatically  improving  recovery 


point  objectives  vs.  traditional  nightly  full 
or  incremental  backups,”  says  Steve 
Duplessie,  senior  analyst  and  founder  of 
Enterprise  Strategy  Group.  “Continuous 
data  protection  vs.  near-CDP  might  mean 
the  difference  between  recovery  points 
of  1  second  or  1  hour.  Either  is  much  bet¬ 
ter  than  what  we  do  today’ 

At  the  Storage  Decisions  conference  in 
New  York  next  week,  Microsoft  is  expected 
to  announce  the  availability  of  its  System 
Data  Protection  Manager  (DPM)  software, 
which  installs  on  Windows  Server  2003 
and  performs  a  series  of  snapshots  of  data 
that  can  be  recovered  by  end  users.  It  will 
be  priced  at  $950. 

A  variety  of  Microsoft  partners  are  set  to 
announce  they  will  market  DPM  appli¬ 
ances  or  integrate  their  software  with 
DPM. 

The  players 

Among  those  vendors  are  EqualLogic, 
which  will  support  Microsoft  DPM  with  its 
PS  Series  family  of  iSCSI-based  storage 
arrays;  and  Commvault,  which  will  inte-* 
grate  DPM  with  its  Qinetix  data  manage-, 
ment  software.  Also  on  stage  with  Micro¬ 
soft  will  be  Dell,  Intel,  Advanced  Micro 
Devices,  Computer  Associates  and  HR 
which  recently  unveiled  the  ProLiant  DL 
380  G4  Data  Protection  Storage  Server. 

Quantum  also  is  reported  to  be  releasing 
a  DPM  appliance  that  is  integrated  into  its 
DX  Series  disk-to-disk  products.  Storactive 
is  set  to  announce  a  new  version  of  its 
LiveBackup  software  for  protecting  desk¬ 
top  and  laptop  data.  And  Fujitsu  Siemens, 
Europe’s  largest  computer  maker,  recently 
said  it  would  soon  introduce  a  preconfig¬ 
ured  appliance  based  on  its  FibreCAT 
hardware  and  on  DPM. 

Mendocino  Software  also  is  expected  to 
announce  its  RecoveryOne  software  at 
Storage  Decisions.  RecoveryOne  is  in¬ 
stalled  on  an  industry-standard  server  of  a 
customer’s  choosing  and  continuously 
backs  up  all  network  data  —  both  file  and 
block  —  and  recovers  that  data  from  any 
point  in  time. 

Microsoft  and  Mendocino  join  Revivio, 
one  of  the  first  companies  to  bring  a  CDP 
product  to  market.  Revivio,  which  is  fund¬ 
ed  by  Charles  River  Ventures  and  Bes¬ 
semer  Venture  Partners,  last  week  bol¬ 
stered  its  product  line  with  the  introduc¬ 
tion  of  the  CPS12Q0i,a  low-end  appliance 
for  departments  and  workgroups. 

Revivio  also  introduced  a  data  replica¬ 
tion  module,  which  enables  instant 
recovery  at  two  or  more  locations.  The 
module  supports  synchronous  or  asyn¬ 
chronous  and  unidirectional  or  bidirec¬ 
tional  replication. 

CDP  products,  such  as  those  from 
Mimosa  Systems  and  Xosoft,  save  every 
change  to  data  as  it  is  made  and  let  admin¬ 


istrators  or  users  recover  files  and  other 
data  such  as  e-mail  from  any  point  in  time. 

Near-CDP  products  do  not  have  the 
detail  of  CDP  They  take  snapshots  of  data 
at  specified  points  in  time  and  only  allow 
customers  to  retrieve  data  from  those 
times,  not  from  seconds  or  even  hours  ago. 

Veritas  is  working  on  a  near-continuous 
product  code-named  Panther;  Network 
Appliance  acquired  Alacritus,  a  start-up 
with  CDP  software  called  Chronospan; 
and  IBM  recently  announced  a  near-CDP 
product  called  IBM  Tivoli  Continuous  Data 
Protection  for  Files.  Sources  say  EMC  also 
is  developing  a  CDP  appliance  based  on 
its  Clariion  storage  servers  that  uses  soft¬ 
ware  from  Mendocino  to  back  up  and 
recover  file-  and  block-based  data. 

“I  suspect  you’ll  see  EMC  come  forward 
with  an  enterprise-caliber  true  CDP  offer¬ 
ing  this  fall,”  Duplessie  says. 

The  case  for  e-mail 

Don  Carlos,  director  of  information  ser¬ 
vices  and  technology  for  United  Teachers 
Los  Angeles,  a  teachers’  union,  imple¬ 
mented  Mimosa’s  Nearpoint  for  Exchange 
to  back  up  e-mail. 

“Previously,  we  would  have  to  back  up 
the  whole  database  and  then  back  up 
each  mailbox  individually  so  that  we 
were  capable  of  restoring  a  person’s  indi¬ 
vidual  mailbox  rather  than  the  whole 
Exchange  server’’  Carlos  says.  “When  we 
would  come  in  in  the  morning  the  back¬ 
up  would  still  be  running,  taking  some  15 
to  20  hours  a  day  With  Mimosa,  the  mail¬ 
boxes  are  being  backed  up  in  real  time, 
and  users  can  get  the  e-mail  back  them¬ 
selves.”  Carlos  has  only  two  other  IT  peo¬ 
ple  working  with  him. 

The  ability  to  self-service  e-mail  recovery 
is  an  important  feature,  Carlos  says. 

“I  don’t  have  enough  IT  people  to  sup¬ 
port  recovering  e-mails  for  individuals,  but 
with  Mimosa  I  can,  because  individuals 
can  recover  any  e-mail  they  want,”  he  says. 

Microsoft’s  System  Data  Protection 
Manager,  Veritas’  upcoming  Panther, 
Storactive’s  LiveServe  and  Mimosa’s  Near- 
Point  for  Exchange  integrate  the  self-recov¬ 
ery  of  data  into  their  offerings.  Gartner  says 
the  recovery  landscape  in  2008  to  2010 
will  shift  to  self-service,  in  which  users  can 
recover  their  own  data,  which  many  such 
as  Carlos,  prefer  to  do.  ■ 
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Mgmt  vendors  to  push  best  practices 

Show  to  highlight  products  for  automating  processes,  monitoring  SLAs  and  extending  ITIL  support 


BY  DENISE  DUBIE 

Management  software  vendors  this  week 
are  set  to  release  products  that  promise  to 
help  IT  managers  put  to  use  best  practices 
and  the  tenets  of  the  Information  Tech¬ 
nology  Infrastructure  Library  in  their  day-to- 
day  network  operations. 

Companies  such  as  HP  and  Oblicore  plan 
to  use  the  IT  Service  Management  Forum 
conference  in  Chicago,  which  is  expected 
to  draw  about  1,000  IT  service  managers,  to 
showcase  new  features  in  their  product 
suites. 

Forrester  Research  estimates  that  30%  of 
$1  billion-plus  companies  are  experiment¬ 
ing  with  ITIL  and  about  13%  have  imple¬ 
mented  it.  Vendors  such  as  BMC  Software, 
Managed  Objects,  Mercury  Interactive,  IBM 
and  Peregrine  Systems  also  have  begun  in¬ 
corporating  parts  of  the  ITIL  foundation 
into  their  service  management  products, 
which  industry  watchers  say  could  help  IT 
managers. 

Vendor  “use  of  preconfiguration,  tem¬ 


plates  and  best  practices  will  cut  users’  ITIL 
implementation  costs  and  hassles  in  half,” 
says  Jean-Pierre  Garbani,  a  vice  president 
with  Forrester. 

HP  offers  customers  services  and  soft¬ 
ware  that  when  used  with  its  service  desk 
and  other  third-party  software  could  help 
incorporate  ITIL  guidelines  into  incident- 
and  problem-management  processes.  The 
HP  ITSM  Express  Pack  for  Consolidated 
Service  Desk  is  add-on  software  that  pro¬ 
vides  IT  managers  with  written  processes 
based  on  HP’s  professional  services  divi¬ 
sion’s  experience  with  managing  services 
as  well  as  the  service  management  base¬ 
lines  in  ITIL.  The  software  works  with  exist¬ 
ing  service  desk  implementations  to  help 
IT  managers  more  easily  draft  processes,  for 
example,  to  respond  to  problems  and  deliv¬ 
er  services. 

“ITIL  is  not  a  cookbook  that  gives  detailed 
direction,”  says  Bill  Emmett,  chief  solutions 
manager  for  HP’s  Management  Software 
Business.“The  templates  are  prescriptive  in 


the  processes  customers  need  to  use  to 
align  their  operations  with  ITIL.” 

HP  also  announced  that  its  professional 
services  group  now  offers  a  set  of  four  ITSM 
Assessment  Services  the  company  says  will 
help  IT  managers  determine  at  what  stage 
they  should  deploy  ITIL.  Pricing  is  deter¬ 
mined  on  a  customer-by-customer  basis, 
HP  says. 

Also  at  the  conference,  Oblicore  plans  to 
detail  new  features  in  Guarantee  3.0,  soft¬ 
ware  that  manages  service-level  agree¬ 
ments  for  large  companies  and  service 
providers  to  ensure  that  IT  systems  are 
meeting  requirements  of  predefined  SLAs. 
Oblicore  says  it  uses  ITIL  guidelines  to  help 
customers  deliver  IT  service  catalogs  and 
incorporates  the  best  practices  to  manage 
SLAs. 

The  company  which  has  raised  more  than 
$20  million  in  venture  funding  and  boasts 
former  Tivoli  chief  Frank  Moss  as  the  chair¬ 
man  of  its  advisory  board,  says  it  enhanced  - 
the  third  generation  of  its  software  to  let  IT-*' 


managers  more  easily  create  rules  and 
relate  them  to  the  underpinning  service 
contract  and  to  determine  the  root  cause 
when  SLAs  are  missed  because  of  perform¬ 
ance  problems  in  IT  systems.  Now  the  soft¬ 
ware  enables  IT  managers  to  drill  down 
through  the  Guarantee  interface  to  deter¬ 
mine  the  problematic  IT  component. 

The  software  uses  a  combination  of  serv¬ 
er  and  distributed-agent  software  to  mea¬ 
sure  the  performance  metrics  specific  to 
established  SLAs  and  ensure  preset  thresh¬ 
olds  are  met.  For  instance,  if  a  server  is  per¬ 
forming  badly  but  is  not  directly  related  to 
a  known  SLA,  Guarantee  3.0  would  not  col¬ 
lect  or  enter  that  data  into  its  aggregation 
and  correlation  engine.  IT  managers  use  a 
Web-based  wizard  to  create  performance 
rules  based  on  SLAs  and  generate  reports. 
The  software  costs  about  $500,000.  ■ 
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Yipes  scales  Ethernet  service 

Addition  of  VPLS  designed  to  enable  greater  multipoint  reach. 


BY  JIM  DUFFY 

Yipes  Enterprise  Services  last 
week  rolled  out  an  Ethernet  offer¬ 
ing  that  uses  new  VPN  technology 
to  support  global  multipoint  con¬ 
nectivity 

The  service  exploits  the  Virtual 
Private  LAN  service  (VPLS),  a 
proposed  IETF  standard  that  sup¬ 
ports  the  connection  of  multiple 
sites  in  a  single  bridged  domain 
over  a  managed  IP/MPLS  net- 
work.The  goal  is  to  overcome  the 
limitations  of  ATM  and  frame 
relay  for  providing  a  protocol- 
transparent,  any-to-any,  full-mesh 
service  across  a  WAN. 

All  services  and  sites  in  a  VPLS 
appear  to  be  on  the  same  LAN, 
regardless  of  location.  This  re¬ 
moves  complexity  from  enter¬ 
prise  networks,  and  lets  carriers 
scale  their  offerings. 

“VPLS  —  which  will  do  auto¬ 
matic  distribution  over  a  mesh 
network  —  is  just  so  much  better 
[than]  trying  to  configure  a 
bunch  of  point-to-point  links  man¬ 
ually  for  wide-area  network  ser¬ 
vices,”  says  David  Hold  of  Current 
Analysis.  “It’s  a  question  of 
whether  a  company  as  small  as 
Yipes  can  effectively  market  it.” 


Who’s  got  it? 

A  partial  listing  of  service 
providers  employing  VPLS 
technology  for  multipoint 
Ethernet  services. 


Service  provider 

Available 

Allstream 

Now 

SureWest 

Now 

TelCeve 

Fall 

Tune  Warner  Telecom 

Now 

Verizon 

First  half  2006 

WilTel 

Now 

Yipes  Enterprise 
Services 

Now 

Yipes  is  rolling  out  the  service 
across  its  network  footprint,  which 
includes  14  metropolitan  areas  in 
the  U.S.  and  international  hubs  in 
Hong  Kong  and  London. 

The  service  is  anchored  on 
Juniper  M-series  routers,  which 
create  an  MPLS  Path  mesh  over 
which  all  Yipes  Ethernet  WAN  ser¬ 
vices  operate  at  Layer  2.Yipes  says 
the  VPLS  service  lets  companies 
replace  global  frame  relay  ATM 
and  private-line  networks  with 
Ethernet  services. 


Ethernet  is  increasingly  being 
pitched  by  carriers  as  a  flexible 
and  cost-effective  alternative  for 
those  legacy  data  services  (see 
story  at  wwwnetworkworld.com, 
DocFinder:  8939). 

One  big  selling  point  is  Ether¬ 
net’s  ability  to  provide  a  lower 
cost  per  bit  and  to  provide  a 
greater  range  of  bandwidth 
options.  Generally  Ethernet  costs 
$900  to  $1,000  per  month  for  10M 
bit/sec  throughput,  seven  times 
the  bandwidth  of  a  1.5M  bit/sec, 
$400-  to  $500-per-month  frame 
relayT-l.A  100M  bit/sec  Ethernet 
pipe  costs  about  the  same  as  a 
45M-bit/sec  ATM  link  —  about 
$5,000  per  month. 

Yipes’  new  VPLS-based  service 
costs  $1,000  to  $2,000  per  month 
for  10M  bit/sec  on  an  intra-metro 
basis,  and  $4,500  to  $7,000  per 
month  for  inter-metro.  For  50M 
bit/sec  service,  it  costs  $3,000  to 
$4,000  per  month  intra-metro,  and 
$9,000  to  $14,000  per  month  for 
inter-metro. 

Pricing  for  the  fully  managed 
Yipes  service  includes  the  local 
loop,  the  customer  premises 
equipment  and  the  WAN  services. 
Yipes  says  this  represents  a  20%  to 


40%  savings  over  Layer  3  VPNs. 

Total  cost  —  including  network, 
hardware  and  management  —  is 
typically  50%  to  70%  lower  than 
Layer  3  VPNs  because  of  simpli¬ 
fied  management,  provisioning 
bandwidth  at  1M  bit/sec  incre¬ 
ments  and  network  service  sav¬ 
ings,  Yipes  says. 

Pricing  aside,  Yipes  has  seen  a 
dramatic  change  in  why  cus¬ 
tomers  adopt  Ethernet,  says  Keao 
Caindec,  Yipes’  vice  president  of 
marketing. 

“Three  years  ago,  customers 
chose  Ethernet  services  because 
it  was  simple,  flexible  and  cost- 
effective  for  point-to-point  con¬ 
nections,”  he  says.  “Today’s  Ether¬ 
net  services  buyers  are  imple¬ 
menting  global,  multipoint-to-mul- 
tipoint  Ethernet-based  network 
solutions  due  to  application  and 
scalability  requirements.  Demand¬ 
ing  applications  such  as  electron¬ 
ic  trading,  electronic  discovery 
backup  and  recovery  and  elec¬ 
tronic  imaging  are  very  difficult  to 
operate  and  scale  in  a  timely 
manner  over  traditional  frame  re¬ 
lay  ATM,  private  line  and  IP  VPN 
networks.” 

As  a  Juniper  customer, Yipes  has 


implemented  the  non-hierarchi 
cal,  Kireeti  Kompella-written  draft 
of  VPLS.  Kompella  is  a  distin¬ 
guished  engineer  at  Juniper. 

Hierarchical  VPLS,  written  by 
Marc  Lasserre  of  Riverstone  Net¬ 
works  and  others,  allows  service 
providers  to  scale  VPLS  net¬ 
works  to  hundreds  of  thousands 
of  subscribers  by  enabling  them 
to  establish  hierarchies  of  con¬ 
nectivity.  These  hierarchies  are 
intended  to  simplify  network 
configuration  by  limiting  meshed 
circuits  to  the  core  of  the  net¬ 
work,  which  also  reduces  signal¬ 
ing  overhead  ■ 
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Volunteers  give  voice  to  evacuees 

The  hurricane’s  aftereffects  bring  about  efforts  to  provide  wireless  voice,  broadband  access, 


BY  JOHN  COX 

In  the  wake  of  Hurricane 
Katrina,  a  volunteer  group  of  net¬ 
work  and  wireless  experts  has 
moved  from  outfitting  small 
northeastern  Louisiana  shelters 
with  wireless  Internet  access  and 
VoIP  phones  to  preparing  a  des¬ 
perately  needed  45M  bit/sec 
wireless  pipe  for  the  entire  relief 
effort  in  devastated  Bay  Saint 
Louis,  Miss. 

“I’ve  never  witnessed  destruc¬ 
tion  like  this,” says  Paul  Smith,  tech¬ 
nology  director  with  the  Center 
for  Neighborhood  Technology  a 
Chicago  nonprofit  devoted  to 
making  cities  more  livable.  He’s 
one  of  scores  of  network  volun¬ 
teers  from  all  over  the  country 
who  are  creating  one  of  the  few 
success  stories  to  emerge  from 
Katrina’s  demolition  of  the  Gulf 
Coast’s  technology  infrastructure. 

As  Network  World  went  to  press 
last  week,  the  emergency  man¬ 
agement  staff  of  this  town  of  8,000 
people, plus  National  Guardsmen, 
Red  Cross  workers  and  local 
police,  fire  and  government  per¬ 
sonnel  were  relying  on  a  couple 
of  satellite  connections,  each  sup¬ 
porting  a  2M  bit/sec  downlink  and 
just  a  512K  bit/sec  uplink.  One  of 
the  links  had  been  set  up  at  the 
Hancock  County  Medical  Center 
by  local  U.S.  Navy  staff.The  second 
was  at  NASAs  Stennis  Space 
Center,  where  the  Emergency 
Operations  Center  (EOC)  is  based, 
coordinating  all  local,  state  and 
federal  relief  efforts  in  the  area. 

Outbound  GSM  cellular  voice 
calls  could  be  made  fairly  reliably, 
but  inbound  calls  were  over¬ 
whelming  the  battered  cell  net¬ 
works,  Smith  says. 

By  the  end  of  this  past  weekend, 
volunteers  expected  to  have  up 
and  running  a  45M  bit/sec  broad¬ 
band  wireless  connection  hop¬ 
ping  from  a  Bay  Saint  Louis  water 
tower  west  some  76  miles  to 
Hammond,  La.  “We’ve  been  given 
access  by  the  EOC  to  pretty  much 
the  city’s  entire  infrastructure,” 
Smith  says.  That  means  the  volun¬ 
teer  team  can  commandeer  one 
of  the  water  towers  outside  town 
for  the  main  backhaul  connec¬ 
tion,  essentially  a  commercial¬ 
ized,  high-powered  802.11a  54M 
bit/sec  radio. 

These  devices,  running  in  the 


unlicensed  spectrum,  require  line- 
of-sight  alignment.  The  link  will 
probably  make  two  intermediate 
hops  before  terminating  in 
Hammond. 

Spoking  out  from  the  water 
tower,  other  wireless  links  on  2.4- 
and  5.8-GHz  bands  will  carry 
throughput  to  25  shelters  around 
the  town,  the  medical  center  and 
most  importantly  to  the  EOC. 

In  some  cases,  Smith  expects  to 
deploy  a  wireless  IAN  mesh,  using 
open  source  software  from  the 
Champaign-Urbana  Community 
Wireless  Network  project,  and  hard¬ 
ware  from  Metrix  Communications: 
single-board  computers  in  a  weath¬ 
erproof  housing,  802.1  la/b/g  radio 
cards,  and  Rower  over  Ethernet  to 
simplify  deployment. 

At  each  site,  PCs,  laptops,  and  a 
combination  of  VoIP  phones  and 
VoIP-enabled  analog  phones  will 
be  able  to  access  the  radio  band¬ 
width  through  a  router  or  a 
switch. 

Local  action 

This  basic  technology  pattern 
and  the  entire  volunteer  wireless 
effort  grew  out  of  the  decision  by  a 
former  Mississippi  river  towboat 
captain  turned  wireless  broadband 
provider  to  set  up  a  similar  arrange¬ 
ment  at  the  Mangham  Baptist 
Church  in  nearby  Mangham,  La., 
about  240  miles  northwest  of  New 
Orleans. 

Mac  Dearman  is  CEO  of 
Maximum  Access,  a  wireless  ISP 
(WISP)  serving  a  large  rural  area 
around  Rayville.  The  day  after 
Katrina  struck,  he  stopped  at  the 
church  because  it  was  crowded 
with  cars.  He  found  scores  of 
evacuees  and  realized  everyone 
was  trying  to  use  the  one  phone 
in  the  church  office.  With  one  of 
his  wireless  towers  visible  nearby, 
Mac  and  his  brother  Jay  a  local 
pastor,  set  up  a  premises  radio,  a 
couple  of  spare  PCs  and  a  couple 
of  VoIP  phones. 

Evacuees  were  able  to  start  reg¬ 
istering  on  the  Federal  Emergency 
Management  Agency  (FEMA) 
Web  site,  entering  their  names  in 
the  missing  people  databases, 
searching  for  relatives  and  calling 
them,  at  a  time  when  government 
officials  and  emergency  manage¬ 
ment  crews  could  hardly  com¬ 
municate  with  each  other. 


Dearman  started  getting  calls 
from  other  area  churches  that 
were  sheltering  evacuees  and 
had  the  same  pressing  need  for 
communications.  After  about 
four  days,  Dearman  e-mailed  col¬ 
leagues  about  what  he  was  doing 
via  a  listserv  at  the  Wireless  ISP 
Association  (WISPA),  which  by 
then  was  working  with  another 
industry  group  of  WISPs,  Part- 
15.org,  on  ways  to  use  wireless 
gear  and  expertise  to  restore 
communications. 

Almost  at  once  donations  start¬ 
ed  flowing  in,  $1,100  within  30 
minutes  of  Dearman’s  first  e- 
mail.  The  next  day,  Jim  Patient, 
president  of  Jeffco  SOHO,  a  WISP 
in  House  Springs,  Mo., showed  up 
with  a  van  loaded  with  relief 
supplies  and  time  to  spend  work¬ 
ing  alongside  Dearman.  People 
kept  arriving,  from  Seattle  to 
Buffalo  and  everywhere  in 
between,  bringing  more  sup¬ 
plies,  equipment,  money  and 
unflagging  energy  despite  the 
clinging,  wet  heat,  and 
Louisiana’s  vicious  fire  ants. 

After  a  conference  call  orga¬ 
nized  by  the  FCC  on  Friday,  Sept. 


9,  Part-15  was  tasked  with  coordi¬ 
nating  volunteer  efforts,  and 
WISPAs  officers  threw  their  sup¬ 
port  behind  that.  Both  groups 
used  their  e-mail  lists  and  Web 
sites  to  promote  the  cause  and 
provide  channels  for  contribu¬ 
tions  of  money  and  gear.  Part-15 
members  also  were  streaming 
into  the  Gulf  Coast  area,  working 
with  local  WISPs  to  restore  their 
networks  and  creating  new  ones. 
“We  can  create  voice  and  data 
services  of  any  magnitude  within 
48  hours  of  arrival,”  says  Michael 
Anderson,  chairman  of  Part-15. 

Two  miles  of  Cat  5 

In  days,  the  growing  volunteer 
crew  based  at  Dearman’s  home 
had  equipped  more  than  a 
dozen  shelters  in  the  Rayville 
area,  stringing  nearly  two  miles  of 
Category  5  cable,  giving  hun¬ 
dreds  of  evacuees  data  and  voice 
communications.  By  Monday, 
Sept.  13,  less  than  a  week  after 
starting,  the  open  source  Asterisk 
IP  PBX  server  being  used  had 
handled  more  than  10,000  out¬ 
bound  calls,  according  to  Jeffco’s 
Patient.  “And  we  don’t  tax  the 


public  phone  network,”  he  says. 
“On  the  public  net,  you  have  to 
call  15  times  to  get  a  connection. 
With  our  stuff,  you  get  dial  tone 
and  you  make  the  call.” 

When  Patient  returned  to  one 
shelter  with  another  PC,  an  evac¬ 
uee  threw  her  arms  around  him 
and  hugged  him  tightly  “She  said, 
‘God  bless  you,  I  found  my  broth- 
erj”he  says. 

The  move  came  at  the  behest  of 
two  nonprofits  working  in  the 
Mississippi  town:  Inveneo,  which 
designs  affordable  technology 
for  developing  countries,  and 
CityTeam  Ministries,  which  works 
with  the  homeless  and  poor  in 
seven  U.S.  cities. 

Frustrations 

There  have  been  plenty  of  frus¬ 
trations,  too.  Local  Red  Cross 
chapters  repeatedly  refused  to  let 
WISPA  volunteers  set  up  wireless 
connections  to  their  facilities, 
according  to  Dearman,  relying 
instead  on  a  single  DSL  line  in 
some  cases,  and  in  one  case  on 
pay  phones. 

The  Center  for  Neighborhood 
Technology’s  Smith  brought 
down  a  batch  of  Pentium  3  PCs 
donated  to  the  center,  which 
reloaded  them  with  Linux  and  a 
batch  of  open  source  software 
applications,  including  the 
Firefox  browser.  The  computers 
worked  fine  for  everything 
except  what  is  arguably  the  most 
important  application:  registering 
for  federal  disaster  assistance  on 
the  FEMA  Web  site. 

After  hours  of  troubleshoot¬ 
ing,  Smith  found  that  FEMA 
requires  the  use  of  Internet 
Explorer  6.0.  “And  it’s  just  a  sim¬ 
ple  HTML  form,”  Smith  says.  “It 
doesn’t  need  the  use  of  some 
special  [Internet  Explorer] -only 
feature.”  Valuable  hours  were 
spent  tracking  down, and  paying 
for,  Windows  licenses. 

After  72  hours  without  a  show¬ 
er,  Smith  says  his  odor  started 
frustrating  co-workers. 

They  dragged  him  downtown 
where  something  perhaps  even 
more  valuable  at  that  moment 
than  wireless  broadband  had 
been  set  up:  a  semitrailer  rigged 
up  with  shower  cubicles,  a 
changing  area  and  pressurized 
hot  water.* 


\ 


_THE  INVASION 

_DAY  3:  The  servers  have  taken  over.  We  bought 
so  many  affordable  ones  we  can’t  afford  the  people 
to  manage  them.  How  far  does  this  sprawl  spread? 
Have  they  taken  over  the  city?  The  planet? 

Ma,  have  they  gotten  to  you,  too?  (Must  type 
very,  very  quietly.  They’re  L-I-S-T-E-N-I-N-G.) 


# 
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ConSentry  controls  'Net  access 


BY  TIM  GREENE 

ConSentry  is  shipping  a  security 
box  that  enforces  policies  on 
LANs  without  requiring  cus¬ 
tomers  to  upgrade  switches, 
which  they  must  do  if  buying  into 
comprehensive  plans  from  some 
large  network  vendors. 

The  Secure  LAN  Controller  lim¬ 
its  the  network  resources  individ¬ 
uals  are  allowed  to  access  and 
shuts  down  suspicious  connec¬ 
tions  that  appear  to  be  the  work 
of  malware,  the  company  says. 

The  boxes  sit  between  work¬ 
group  switches  and  routers 
inspecting  traffic  to  Layer  7,  and, 
by  virtue  of  using  custom  chips, 
accomplishes  this  with  a  worst- 
case  latency  of  500  microseconds, 
says  Tom  Barsi,  the  company’s 
president  and  CEO. 

The  devices  have  four  aims:  con¬ 
trolling  access  to  the  network, 
showing  what  each  user  is  doing, 
managing  the  resources  individu¬ 
als  and  groups  can  reach,  and 
stopping  outbreaks  of  viruses  and 
worms.  These  are  similar  to  the 
goals  of  Cisco’s,  Juniper’s  and 
Microsoft’s  security  initiatives. 


The  difference  is  that  Con- 
Sentry’s  setup  requires  less  equip¬ 
ment  and  less  cooperation  among 
vendors,  making  it  simpler  to  use, 
says  Dave  Passmore,  research 
director  for  Burton  Group. 

The  Las  Vegas  Review-Journal 
newspaper  finds  that  operating 
and  maintaining  its  ConSentry 
devices  is  much  simpler  than  the 
alternative  it  had  been  using, 
says  Steven  Olson,  the  paper’s 
infrastructure  manager. The  com¬ 
pany  had  restricted  the 
resources  users  could  access  by 
installing  internal  firewalls  and 
establishing  rules  that  restricted 
certain  subnets  to  a  specific  set 
of  network  resources.The  system 
relied  on  static  IP  addresses,  so 
any  time  a  user  moved  offices, he 
had  to  change  firewall  rules. 

With  the  ConSentry  box,  poli¬ 


cies  for  individual  users  are  set 
in  Active  Directory  and  the 
Secure  LAN  Controller  enforces 
them.  “My  profiles  remain  in 
effect  even  with  roaming,”  Olson 
says.  With  policies  applied  per 
user  rather  than  per  machine,  the 
Review-Journal  has  been  able  to 
institute  DHCF?as  well. 

ConSentry’s  appliance  pro¬ 
vides  real-time  views  of  what 
users  are  doing  and  furnishes 
reports  on  incidents,  something 
that  was  difficult  with  Juniper 
intrusion-prevention  gear  and 
NetScreen  firewalls  the  compa¬ 
ny  had  in  place,  Olson  says. 

ConSentry’s  device  doesn’t 
address  all  the  factors  that  Cisco’s 
Network  Admission  Control 
does.  For  instance,  it  doesn’t  scan 
the  machine  logging  on  to  see 
whether  it  meets  corporate  secu¬ 


rity  policies,  but  Barsi  says  the 
company  will  announce  a  part¬ 
ner  within  a  month  that  will  pro¬ 
vide  endpoint  security 
Secure  LAN  Controller  comes 
in  two  models,  the  CS  1000  and 
CS  2400.The  former  supports  200 
users,  has  10  Gigabit  Ethernet 
ports  and  supports  2G  bit/sec 
of  throughput.  It  costs  $18,000. 
The  CS  2400  supports  1,000 
users,  has  24  Gigabit  ports  and 
a  throughput  of  10G  bit/sec.  It 
costs  $28,000.  ■ 
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Cisco  targets  SMBs  with  convergence 


BY  PHIL  HOCHMUTH 

Cisco  this  week  is  expected  to  launch  bun¬ 
dled  IP  voice  and  switching  gear  for  small  and 
midsize  businesses  looking  to  roll  out  con¬ 
verged  networks  quickly  and  at  a  low  cost. 

The  packages  include  new  switches,  new  ver¬ 
sions  of  Cisco’s  CallManager  Express  IP  PBX  for 
small  offices  and  management  tools  for  quick¬ 
ly  getting  converged  networks  online  with  sup¬ 
port  for  50  to  1 ,500  users,  the  company  says. 
Cisco  says  that  by  buying  these  packages,  cus¬ 
tomers  can  save  up  to  35%  on  switching,  rout¬ 
ing  and  VoIP  hardware  and  software  compared 
with  buying  the  products  piecemeal. 

The  two  bundles  are  aimed  at  organizations 
with  20  to  250  end  users,  and  250  to  1,500  end 
users,  respectively  For  smaller  shops,  the  prod¬ 
uct  bundle  includes  CallManager  Express  3.3, 
which  runs  on  a  module  that  fits  into  Cisco’s 
ISR  line  of  WAN  routers,  as  well  as  a  new  ver¬ 
sion  of  Unity  Express,  Cisco’s  unified  voice/e¬ 
mail  messaging  product.  New  features  include 
the  ability  to  set  up  call-in  conference  num¬ 
bers  on  CallManager  Express, and  broader  lan¬ 
guage  support  for  Unity  Express.The  20-to-250- 
user  offering  also  includes 
the  option  of  two  new  IP 
phones  —  the  794 1G  and 
796 1G  —  which  include 
large  screens  for  support¬ 
ing  language  characters 


such  as  Cantonese  or  Japanese. 

The  new  Catalyst  Express  500  series  of 
switches  also  are  part  of  the  small-business 
package.  These  switches,  which  include  12  or 
24  ports  of  10/100/1,000M  bit/sec  Ethernet, 
are  aimed  at  small  shops  that  require  easy 
setup  and  management,  Cisco  says.  Toward 
that  end,  the  Catalyst  Express  boxes  are  con¬ 
figured  via  a  GUI-based  Cisco  Network 
Assistant  3.0  tool,  instead  of  the  standard 
Cisco  command  line  interface  on  most 
Catalyst  switches. 

For  businesses  with  250  to  1,500  employees, 
that  bundle  includes  options  for  a  new  voice 
mail-only  version  of  Cisco  Unity  as  well  as  sev¬ 
eral  tools  for  setting  up  and  managing  VoIP 
networks,  a  scaled-down  version  of  Cisco 
MeetingPlace  collaboration  software  and 
three  new  IP  phones. 

New  management  tools  include  the  IP 
Communications  Operations  Manager,  a  GUI- 
based  application  that  includes  two  Cisco  1040 
Sensor  appliances,  which  allow  customers  to 
view  performance  and  service  levels  for  up  to 
1 ,000  phones.  The  Voice  Provisioning  Tool  lets 
customers  set  up  end  users 
for  CallManager  and  Unity 
voice  mailbox  settings  — 
tasks  required  separate 
applications  in  the  past. 
Another  new  software  prod¬ 


uct,  the  IP  Communications  Operations 
Manager,  lets  administrators  view  call  quality 
on  individual  calls  across  a  small  network. 

A  new  switch  series,  the  Catalyst  2960,  also  is 
being  introduced  for  this  product  package.The 
24-  or  48-port  switch  (10/1 00/ 1 ,000M  bit/sec  on 
ports)  includes  more  memory  than  the  previ¬ 
ous  mid-market  Layer  2  Catalyst  2950,  allowing 
the  box  to  support  more  features  such  as 
access  control  lists  and  QoS,  Cisco  says. 

MeetingPlace  Express  is  a  scaled  down  ver¬ 
sion  of  Cisco’s  MeetingPlace  software  (120 
simultaneous  users  instead  of  960).  The  soft¬ 
ware  lets  customers  set  up  meetings  with 
voice  and  Web  collaboration  with  a  centra! 
call-in  number  and  Web  site, similar  to  services 
offered  by  WebEx  and  other  providers. 

Bundles  including  routers  with  built-in  VoIP 
gear,  phones  and  switches  will  cost  about  $450 
to  $650  per  employee,  Cisco  estimates, 
although  channel  partners  set  pricing  based 
on  Cisco  guidelines.  For  individual  products, 
the  Catalyst  Express  500  series  starts  at  $800 
and  the  Catalyst  2960  switches  start  at  $1,300. 
The  IP  Communications  Operations  Manager 
costs  $14,000  —  or  $23,000  when  bundled 
with  the  Service  Monitor.  The  Voice 
Provisioning  software  costs  $1,000.  The  IP 
phones  start  at  $400.  MeetingPlace  Express 
starts  at  $70,000  and  is  expected  to  be  avail¬ 
able  in  December.  ■ 


I  Read  how  Cisco  is  tackling 
RFID  in  the  network.  Page  26. 
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_DAY  30:  It  s  gotten  worse.  I  m  trapped  in  a  maze 
of  our  own  creation.  Oh,  the  irony.  I  need  an 
answer.  (P.S.  I’m  frightened.) 


\ 


_DAY  31:  I  need  IBM  Systems  with  virtualization 
technology.  Helps  you  manage  your  servers  and  storage, 
each  from  a  single  view,  so  you  can  deploy  resources 
1  on  the  fly.  Lets  you  scale  up  and  out  quickly. 

I  will  achieve  control.  I  will  be  a  big  hero. 

^  -  They  will  call  me  Ned.  Ned,  Champion  of  Simplicity. 
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Big  buckets 


Microsoft  showed  off  buckets  of  new  code  at  its  Professional  Developer’s  Conference  that  factor 
heavily  into  what  Microsoft  hopes  is  the  future  appeal  of  its  Windows  platform.The  company 
handed  out  more  than  30G  bytes  of  software  to  attendees. 


Product 


Windows  Vista 

Office  12 _ 

Longhorn  Server 


Description 


Next- 


New  interfaces  to  productivity  suite. 


M^jor  revision  of  server  operating  system. 


Availability 


Second  half  of  2006 


Second  half  of  2006 


Second  half  of  2007 


Expression  suite 


Tools  to  design  user  interfaces  for  applications. 


Release  date  not  announced. 


Windows  Workflow 
Foundation 


Sub-system  for  the  operating  system. 


Ships  with  client  in  2006,  server  in  2007. 


Atlas 


Framework  for  building  Asynchronous  JavaScript  and  I 
(AJAX)  style  applications. 


Fanguage  Integrated 
Query  Project 


Fanguage  innovations  for  the  .Net  framework  to  simplify 
access  to  data  for  developers. 


!\  F  Some  project  types  already  released  on 
the  Web. _  _ 

Microsoft  has  not  announced  how  this 
will  become  a  formal  product. 


Visual  Studio  Tools  for 
Applications 


Next-generation  Visual  Basic  for  Applications  development  tool. 


Microsoft 

continued  from  page  1 

engine,  also  introduced  last  week. 

That  platform  is  key  for  corpo¬ 
rations  that  plan  to  move  into  the 
next  era  of  distributed  comput¬ 
ing,  involving  service-oriented 
architectures. 

Vista  and  Office  are  scheduled 
to  ship  late  next  year.  Longhorn  is 
expected  to  follow  in  2007. 

Microsoft  is  trying  to  persuade 
users  that  Office  will  become  a 
rich-client  alternative  that  will  add 
features  to  server-side  computing, 
and  it  is  starting  to  spur  interest. 

“You  are  seeing  how  all  this  stuff 
is  adding  up,”  says  Ferdy  Khater, 
managing  director  for  application 
development  for  a  transportation 
company  he  asked  not  be  named. 
“Vista  and  Longhorn  represent 
change,  but  they  fall  in  line  with 
what  Microsoft  has  been  telling  us 
would  happen.” 

Khater  says  that  fact  would 
make  upgrades  easier,  because  he 
has  known  Microsoft’s  overall 
plan  for  the  past  few  years.  “My 
current  investment  in  Windows 
will  not  go  to  waste,”  he  says. 

Others  also  welcome  changes 
introduced  at  PDC.They  include 
those  made  to  the  Office  interface 
and  the  addition  of  back-end 
servers  for  its  productivity  appli¬ 
cations. 

“I  am  impressed  with  the  Office 
12  user  interface,”  says  Brad 


Clements,  vice  president  of  engi¬ 
neering  for  netdocuments,  an 
application  service  provider  that 
hosts  corporate  document  man¬ 
agement  environments. 

Microsoft  has  updated  Office 
with  graphics  designed  to  make  it 
easier  to  find  features  and  func¬ 
tions.  The  interface  replaces  tradi¬ 
tional  drop-down  menus  and  tool- 
bars.“It  will  make  a  big  difference, 
because  all  of  our  users  are  Office 
users,  and  they  are  users  that  don’t 
know  Office  that  well,”  Clements 
says. 

But  he  cautions  that  not  every¬ 
thing  Microsoft  is  doing  is  a  bull’s- 
eye,  especially  the  Windows 
Presentation  Foundation  (WPF), 
which  provides  developers  with 
dramatic  visual  options  on  the 
desktop,  such  as  3-D  rendering.  “I 
think  this  may  bring  less  consis¬ 
tency  across  the  Windows  inter¬ 
face,  because  now  developers 
and  designers  can  do  just  about 
anything  they  want.”  Clements 
says  the  inconsistency  will  be  jar¬ 
ring  to  end  users  and  could  mean 
a  rise  in  training  costs. 

Analysts  say  that  Microsoft  faces 
a  challenge  proving  WPF  has 
value  to  corporate  users. 

‘A  case  can  be  made  for  [WPF] , 
but  so  far  Microsoft  has  not  made 
it,”  says  Greg  DeMichillie,  senior 
analyst  for  development  plat¬ 
forms  and  tools  at  consultancy 
Directions  on  Microsoft.  He  says 
WPF  has  mostly  been  shown  as 


“eye  candy”  and  not  how  it  might 
aid  usability  “That  is  the  single 
biggest  hole  in  terms  of  execution 
that  they  need  to  fill.” 

Some  independent  software 
developers  say  the  platform  may 
have  more  appeal  to  corporate 
users  than  it  does  for  them. 

“At  the  PDC  in  2003  we  heard 
about  the  pillars  of  Longhorn,  but 
what  is  left  is  a  GUI,  a  workflow 
engine  and  Office  12  with 
SharePoint  on  the  back  end,” says 
Steve  Wong,  senior  software  sci¬ 
entist  with  Avamar,  which  devel¬ 
ops  back-up  and  restore  technol¬ 
ogy  SharePoint  includes  technol¬ 


ogy  for  building  online  work¬ 
spaces  around  collaboration  and 
document  sharing.  “I’m  not  trou¬ 
bled  by  what  they  are  trying  to 
do;  I  just  think  it  is  more  oriented 
for  corporations.” 

Microsoft  is  sharply  focused  on 
that  area,  where  budget  crunches 
and  contentment  with  existing 
feature  sets  have  stagnated 
upgrades  to  desktop  clients  and 
Office  applications. 

“There  is  more  in  this  release 
than  [IT  pros]  have  seen  since 
Windows  2000,”  says  Jim  Allchin, 
group  vice  president  for  platforms 
at  Microsoft.  Allchin  adds  that  the 


Second  half  of  2006 


software  appeals  in  different  ways 
to  different  user  sets,  including 
consumers  and  OEMs. 

“There  are  a  lot  of  things  in  Vista 
for  the  enterprise  that  are  com¬ 
pelling,”  says  Peter  O’Kelly  an  ana¬ 
lyst  with  Burton  Group.  “You  have 
security,  management,  robustness, 
fewer  reboots.  I  don’t  think  you  are 
going  to  see  people  running  out  in 
droves  to  upgrade,  but  I  think  a  lot 
of  people  will  refresh  their  desk¬ 
tops,  servers  and  applications.” 

Microsoft  would  benefit  greatly 
from  such  a  refresh  given  that 
operating  income  has  been  rela¬ 
tively  flat  in  recent  years  for  both 
the  Windows  client  operating  sys¬ 
tem  and  Office.  Corporate  users 
also  could  benefit  from  more 
security  and  manageability 

Not  everyone  is  sold  on  the 
direction  Microsoft  is  taking. 

“They  are  going  back  to  the 
client/server  days  while  everyone 
else  is  architecting  their  platform 
for  a  services  model,”  says  Dana 
Gardner,  principal  analyst  with 
Interarbor  Solutions.  ■ 
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Microsoft's  vice 
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Microsoft  looks  to  secure  digital  IDs 


BY  JOHN  FONTANA 

LOS  ANGELES  —  Looking  to  ease  the  way 
customers  manage  their  digital  identities, 
Microsoft  has  begun  working  to  integrate  its 
InfoCard  authentication  technology  with 
Internet  Explorer  and  is  in  discussions  with 
the  Firefox  and  Safari  browser  developers  to 
have  them  include  the  technology  on  their 
platforms. 

According  to  Microsoft  officials,  InfoCard 
integration  could  show  up  in  Internet  Explorer 
7.0  even  though  InfoCard  is  currently  not  on 
the  feature  list.  The  goal  is  to  improve  security 
and  privacy  on  the  Internet  using  the  InfoCard 
model,  which  puts  users  in  control  of  their  per¬ 
sonal  identity  information  and  would  elimi¬ 
nate  the  need  for  user  names  and  passwords 
to  sign  into  a  Web  site. 

“We  expect  many  different  applications, 
smart  apps,  Web  apps  and  browsers,  to  use 
InfoCard.  Our  own  browser  will  take  advantage 
of  it,”  says  Michael  Stephenson,  Microsoft’s 
group  product  manager  for  Windows  Server. 

In  addition,  Microsoft  is  hoping  others  will 


adopt  its  InfoCard  model  on  the  Web  to  help 
improve  security  and  privacy  with  a  common 
identity  layer. 

“We  are  having  concrete  discussions  with 
Firefox  and  others  about  specific  mechanisms 
that  would  communicate  between  a  Web  site 
and  the  browser  so  we  can  enable  credential 
selection  such  as  InfoCard,”  says  John 
Shewchuk,  CTO  of  distributed  systems  for 
Microsoft.  “If  we  do  this  right,  all  browser  ven¬ 
dors  could  provide  a  common  mechanism.” 

In  June,  Microsoft  unveiled  its  identity  meta¬ 
system,  which  includes  user-centric  privacy 
controls  in  the  form  of  InfoCard,  a  middle¬ 
ware  technology  called  Windows 
Communication  Foundation, Active  Directory 
and  a  slate  of  Web  services-based  protocols 
led  by  WS-Trust  that  Microsoft  and  IBM  have 
been  developing. 

WS-Trust  is  key  for  creating  Security  Token 
Service  (STS),  lightweight  gateways  for  servers 
and  clients  that  negotiate  the  exchange  of 
security  tokens,  such  as  Kerberos  or  the 
Security  Assertion  Markup  Language  (SAML). 


IBM  supports  the  technology  in  its  federation 
server,  and  Ping  Identity  has  an  open  source 
implementation  of  WS-Trust. 

In  the  browser  model,  Web  sites  would  need 
to  run  an  STS  in  order  to  signal  browser  users 
to  provide  their  InfoCard  identity  credentials. 

“If  there  is  useful  information  from  the 
InfoCard  work  that  doesn’t  necessarily  require 
InfoCard  technology  and  makes  browsers 
more  secure  then  we  would  like  to  see  that 
happen,”  says  Scott  Cantor,  who  works  on  the 
Internet2’s  Shibboleth  identity  project  and  the 
SAML  technical  committee  at  the  Organiza¬ 
tion  for  the  Advancement  of  Structured 
Information  Standards  (OASIS).  He  also  is  the 
author  of  OpenSAML  and  the  security  archi¬ 
tect  at  Ohio  State  University 

Another  key  to  recruiting  partners  is  stan¬ 
dardization  of  WS-Trust.  Microsoft’s  Stephen¬ 
son  says  the  company  and  partner  IBM  are 
finalizing  the  language  on  a  charter  to  get 
WS-Trust,  WS-SecurityPolicy  and  WS-Secure- 
Conversation  submitted  this  month  to 
OASIS  for  standardization.  ■ 


Control  starts  with  IBM  Systems. 


Control  the  sprawl  by  physically  consolidating  your 
servers  and  storage,  putting  more  power  in  less  space. 

Control  complexity  by  pooling  systems  and  managing 
them  from  a  central  location.  Reducing  your  number  of 
disconnected  servers  and  storage. 

Control  costs  with  servers  that  partition  virtually  so 

you  can  do  more  with  less  on  a  single  system. 

r 

Control  time  with  systems  and  software  designed 
to  dynamically  manage  workloads  and  data  storage, 
helping  to  optimize  resources.  I 

Control  your  IT  destiny  with  IBM  Systems  -  a  range 
of  innovative  servers  and  storage  that  have  been  designed 
to  make  your  infrastructure  and  your  life  simpler.  i 


IBM.COM/TAKEBACKCONTROL 


Server  and  storage  products  may  require  purchase  of  more  than  one  product  or  feature  to  enable  the  virtualization  capabilities.  These  products  or  features  may  incur  an  additional  charge.  IBM  and 
the  IBM  logo  are  trademarks  or  registered  trademarks  of  International  Business  Machines  Corporation  in  the  United  States  and/or  other  countries.  ©2005  IBM  Corporation.  All  rights  reserved. 
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Katrina 

continued  from  page  1 

patient  record  system,  and  a  back¬ 
up  Cisco  Catalyst  6509  backbone 
switch.  Better  to  have  a  cool  spare 
Catalyst  on  hand  in  case  the  pri¬ 
mary  one  failed,  Induni  says, 
instead  of  letting  both  switches 

fry 

Doctors  and  nurses  moved  to 
the  back-up  method  of  paper 
record-keeping  during  the  brunt 
of  the  storm  when  the  mainframe 
was  offline. 

“It  was  also  a  gamble  strategy  to 
keep  the  communication  lines 
up,”  Induni  says.'The  504  area 
code  became  useless;  e-mail 
became  the  only  reliable  source 
of  communications.” 

Ochsner  was  able  to  keep  e- 
mail  and  Web  access,  because  its 
T3  line  connecting  to  a  back-up 
site  in  Baton  Rouge  still  worked. 

‘At  the  peak  of  the  storm,  during 
the  100-mile-an-hourgusts,I 
walked  over  to  the  nurses’  unit, 
and  they  were  keeping  track  of 
the  storm  online  and  e-mailing 
people,”  Induni  says.“If  we  were 
cut  off  completely  people  would 
have  gotten  really  nervous  and 
would  have  been  unable  to  work. 
It  was  our  only  lifeline  to  the  out¬ 
side  world.” 

Ochsner’s  IT  staff  in  New 
Orleans  and  Baton  Rouge  still 
had  to  scramble  to  keep  e-mail 
available,  even  after  the  storm.  A 
fiber  cut  in  New  Orleans  after  the 
storm  terminated  access  to  the 
hospital’s  e-mail  servers,  located 
at  another  facility  on  the  hospi¬ 
tal’s  metropolitan-area  network  in 
the  city  Teams  at  the  remote  site 
quickly  built  Novell  GroupWise 
boxes  to  serve  the  New  Orleans 
facility  via  the  T-3  link. 

‘All  the  disaster  planning  in  the 
past,”  which  focused  on  the 
upkeep  of  systems  and  data  avail- 
ability“became  second  fiddle  to 
the  need  to  maintain  outside 
communications,”  Induni  says. 

In  keeping  the  technical  ser¬ 
vices  running  at  the  400-bed  hos¬ 
pital  —  one  of  only  three  in  the 


Got  great  ideas? 


■  Got  a  suggestion  for  a  Wider  Net 
story?  An  offbeat  network  industry- 
related  topic?  A  fascinating  person¬ 
ality  we  should  profile?  Contact 
Bob  Brown  with  your  ideas  at 
bbrown@nww.com. 


Toll  on  infrastructure 

Early  estimates  on  damage  from  Katrina  to  network 
infrastructure  put  the  costs  in  the  hundreds  of  millions  of 
dollars  for  some  service  providers: 

Damage  costs  (in  millions) 
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city  that  remained  open  during 
the  storm  —  Induni  gives  all  the 
credit  to  his  staff. 

“The  human  side  of  this  is 
huge,”  he  says.“Many  of  our  staff 
people  have  lost  their  homes. 

One  person’s  house  is  covered  in 
oil.They’ve  lost  everything.  We’ve 
had  to  go  through  that  adjust¬ 
ment  and  that  understanding,  but 
we’re  also  expected  to  be  produc¬ 
tive.  ..  .We  put  a  lot  of  thought  into 
what  we  were  doing  and  why  we 
were  here. There  were  a  lot  of 
opportunities  for  our  folks  to 
throw  their  hands  up  in  the  air . . . 
but  we  pulled  through  it.” 

Courting  disaster 

Up  north  in  Baton  Rouge,  for 
Louisiana’s  state  and  local  court 
systems,  Katrina  will  be  the 
harsh  lesson  of  a  lifetime  on  the 
importance  of  disaster-recovery 
planning  for  data  backup,  says 
Freddie  Manint,  CIO  for  the 
Louisiana  Ninth  Judicial  District 
Court. 

The  state  court  offices  in 
Baton  Rouge  are  now  overflow¬ 
ing  with  employees  from  clerks 
offices,  and  sheriffs  departments 
from  Jefferson  Parish,  Plaque¬ 
mines  Parish,  Orleans  Parish  and 
others  are  now  operating  out  of 
spare  rooms,  closets  and  any 
open  space  available  in  the 
state  court  offices,  working  from 
laptops  tied  in  to  the  state 
court’s  LAN. 

“They’re  getting  everything  they 
need  to  get  some  kind  of  opera¬ 


tions  running  and  to  plan  their 
next  move,”  Manint  says.The 
problem  is,  [parish  court  adminis¬ 
trators]  haven’t  been  able  to 
assess  how  much  they  lost  in 
terms  of  IT  infrastructure,  databas¬ 
es  and  records.  A  lot  of  [court] 
facilities  did  not  have  disaster 
recovery  hot  sites  with  immediate 
failover.  A  lot  of  documents  were 
just  in  hard-copy  form,  and  they’re 
under  water  now.  A  large  portion 
of  systems  are  ruined.” 

Each  of  Louisiana’s  64  parishes 
operates  its  own  court  system, 
with  its  own  records  and  files, 
some  electronic,  some  not.  None 
of  these  systems  were  linked  to  a 
centralized  system  for  backup  or 
disaster  recovery  Manint  says. 

“The  justice  system  in  Louisiana 
is  really  going  to  waver  here  for  a 
while,”  Manint  says.“We’ve  got 
people  in  jails  all  over  the  state 
right  now  that  have  no  paper¬ 
work  and  we  have  no  way  to 
offer  them  any  kind  of  means  for 
adjudication.” 

Just  last  week,  some  court 
records  from  Orleans  Parish  clerk 
offices  were  recovered.The 
Digital  Linear  Tapes  were  en 
route  to  Baton  Rouge  to  see  what 
is  salvageable.“Hopefully  we  can 
extrapolate  something  useful 
from  that,”  Manint  says. 

Measured  against  parish  court 
facilities  near  the  Gulf,  the  state 
court’s  facilities  in  Baton  Rouge 
got  off  easy  except  for  some 
sporadic  power  outages,  and 
experienced  no  data  loss, 


Manint  says.The  state  court  sys¬ 
tem  uses  VMware  software  to 
create  virtual  server  images  to 
back  up  its  core  database  files 
and  records,  which  are  dis¬ 
persed  across  facilities. 

Manint  says  the  state  court’s 
over-built  10G  Ethernet  back¬ 
bone,  which  includes  redundant 
3Com  Switch  7700s,  has  han¬ 
dled  the  influx  of  new  employ¬ 
ees  well  with  plenty  of  band¬ 
width  to  spare.  He  says  3Com 
was  very  responsive  to  the 
influx  of  workers  into  the  court’s 
Baton  Rouge  offices,  Manint 
says,  with  the  vendor  sending 
several  hundred  LAN  switches 
and  IP  phones  to  set  up  the  tem¬ 
porarily  offices. 

He  estimates  that  80%  of  court 
IT  infrastructure  in  the  New 
Orleans  area  will  have  to  be 
replaced. 

As  for  the  future,  Manint  is  hop¬ 
ing  for  more  federal  funding  to 
modernize  how  Louisiana  han¬ 
dles  and  protects  court  records. 

“Everyone  wants  disaster 
recovery  but  they  don’t  want  to 
fund  it,”  he  says.“lt’s  not  impor¬ 
tant  until  you  don’t  have  it. 
Everyone  was  always  talking 
about  the  big  one  but  not  doing 
anything  about  it.  Now  the  big 
one  hit,  and  everyone’s  standing 
around  saying,  oh  man,  we  got 
wiped  out.The  excuse  that 
there’s  no  funding  [for  disaster 
recovery]  is  not  an  excuse  any¬ 
more.  ...  If  you  don’t  have  data, 
you  don’t  have  a  job.” 

History  teaches  a  lesson 

For  one  electrical  and  telecom 
utility  working  through  the  storm, 
lessons  learned  during  Hurricane 
Ivan  last  year  and  Dennis  in  1999 
paid  off  during  Katrina. 

The  Southern  Company  opera¬ 
tor  of  power  utilities  and  wire¬ 
less  services  in  Georgia,  Ala¬ 
bama,  Florida  and  Mississippi, 
began  preparing  for  the  next  big 
storm  last  year  by  building 
redundant  SONET  rings  to  con¬ 
nect  its  sites  across  states.  Right 
up  to  the  first  100-mph  gusts, 
crews  were  readying  mobile 
field  offices  with  PCs, VoIP 
phones  and  satellite  uplinks.  In 
Mississippi  plants,  workers  were 
sandbagging  doors  to  telecom 
rooms  and  wrapping  PCs  up  in 
plastic  wrap. 

“By  all  measures  Katrina  was  a 
much  more  severe  storm  than 
either  Ivan  or  Dennis,  but  the 
impacts  were  less  in  terms  of  the 
number  of  sites  down,”  says  Dan 


Traynor,  director  of  IT  infrastruc¬ 
ture  services. 

During  Ivan,  Southern  Company 
lost  connectivity  to  several  sites 
because  its  long-haul  fiber  was 
laid  out  in  a  linear  topology;  one 
fiber  break  meant  everything  be¬ 
yond  the  cut  was  offline.  Last  year, 
the  company  rebuilt  its  long-haul 
fiber  in  an  OC48  ring  using  opti¬ 
cal  gear  from  Ciena.  During 
Katrina,  the  company’s  fiber  rings 
broke  in  three  areas,  but  data  ser¬ 
vices  were  not  interrupted,  he 
says. 

Another  lesson  learned  from 
Ivan  was  the  concept  of  adding 
satellite  communications  for 
staging  areas  to  quickly  get 
downed  lines  back  up. This  time, 
the  Southern  Company  rented 
mobile  offices  ahead  of  time 
and  outfitted  them  with  comput¬ 
ers,  network  gear, VoIP  phones 
and  a  satellite  uplink,  which 
beamed  voice  and  data  to  a 
satellite  service  provider  and 
back  to  the  company’s  Atlanta 
headquarters.This  kept  field 
technicians  online  through  the 
restoration  process;  174,000  of 
Mississippi  Power’s  195,000  cus¬ 
tomers  were  back  online  as  of 
last  week. 

With  Mississippi  Power’s  corpo¬ 
rate  offices  now  uninhabitable, 
the  company  is  working  to  get 
the  300  employees  there  up  and 
working  again. 

Before  the  storm  hit  Mississippi, 
back-up  tapes  of  critical  databas¬ 
es  and  applications  were  driven 
to  alternate  sites  in  Alabama  and 
Georgia,  where  IT  staff  rebuilt  the 
systems  and  put  them  back 
online  via  the  OC-48  network. 

Mississippi  Power  employees 
are  now  going  to  work  in  mobile 
office  trailers  being  set  up  near 
the  Southern  Company’s  fiber 
facilities,  allowing  workers  to  tap 
into  the  SONET  network  and  use 
applications  as  if  they  were  back 
in  their  normal  office. 

More  amazing,Traynorsays,is 
the  attitude  of  the  employees. 

“Of  the  1,200  employees,  about 
half  of  them  had  severe  damage 
to  their  homes,  or  their  homes 
were  completely  destroyed,” 
Traynor  says. “At  the  same  time, 
these  people  were  working  on 
our  restoration  efforts;  they 
weren’t  thinking  about  them¬ 
selves.  It’s  pretty  inspiring.”  ■ 
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APC  solutions  that  carry 
the  "Blade-Heady'  Logo 
are  designed  to  handle  the 
demanding  network-critical 
physical  infrastructure 
requirements  of  high-density 
blade  server  applications. 
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Now  you  can  quickly  deploy  a 
standard-  or  high-density  site  of  My  size 
with  scalable,  top-tier  availability. 


Part 

Number 


Usable  Average 
IT  Racks  kW  per  Rack 


Price  Price  to  lease 

to  buy  (36  installments) 


ISXCR1SY16K16P5 

1 

up  to  5kW 

$14,999*  $499** 

ISXT240MD6R 

6 

up  to  5kW 

$149,999*  $4,999** 

ISXT240MD11R 

11 

up  to  5kW 

$249,999*  $7,999** 

ISXT280MD40R 

40 

up  to  5kW 

$699,999*  $21,999** 

ISXT2800MD100R 

100 

up  to  5kW 

$1,649,999*  $50,999** 

High  Density  Configuration  (shown  above) 

ISXT280HD8R 

8 

up  to  1 0kW 

$399,999*  $12,999** 

What  is 

„  .  ,  ,  ,  ,  datacenter 

All  multi-rack  configurations  feature:  jJgmgpjJ? 

%/  N+ 1  power  and  cooling 
%/  Secure,  self-contained  environment 
•/ Peak  capacity  of  20kW  per  rack 
•/  Enhanced  service  package 
%/ Integrated  management  software 


High  density  upgrades  start  at  $1 0,999 
On-site  power  generation  options  start  at  $29,999 
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Highly  available  and  manageable, 

quick-to-install,  scalable  architecture 

that  easily  supports  both  standard- 

and  high-density  applications. 

-  Up  to  20kW  a  rack  for  any 
blade  server  application 

-  Unlimited  racks 

-  Ships  in  5  days*** 

-  Installs  in  1  day*** 

-  Optional  on-site  power 
generation 

-  Raised  floor  not  required 

-  Vendor  neutral  guaranteed 
compatibility 


InfraStruXure1"  BuildOut  Tool 
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plenum  rated  cables.  And  less  smoke  means  less  costly  downtime,  making  it  the  most  advanced  fire 
safety  cable  technology  available  today  To  learn  more  about  DuPont ™  certified  limited  combustible  cable 
or  to  request  a  free  CD,  log  on  to  teflon.com/cablingmaterials  or  call  1-800-207-0/56. 
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Short  Takes 


Copper  conundrum 

High  bandwidth  requirements  may  force  LAN  cabling  decisions. 


■  Accton  Technology  last  week 
announced  its  ES4550  LAN  switch. 
The  box  has  28  Gigabit  Ethernet  ports 
and  four  small  form-factor,  pluggable 
slots  for  interchangeable  copper  or 
fiber  ports.  It  also  supports  two 
optional  10G  Ethernet  ports  for  high¬ 
speed  uplinks  to  a  data  center  or 
LAN  backbone  switch.  The  vendor 
says  the  switch-on-a-chip  architec¬ 
ture  of  the  ES4550,  using  silicon  from 
Agere,  also  makes  the  box  one-third 
the  size  of  competitive  stackable 
switches  —  and  run  cooler  than  other 
switches.  The  ES4550  is  scheduled  to 
ship  in  November  priced  at  $2,000. 

■  ActivCard  has  announced 
SecureLogin  Single  Sign-On 
Version  5.5,  the  first  version  of  its 
SSO  software  since  it  acquired 
Australia-based  competitor  Proto- 
corn  Development  Systems  last 
month.  ActivCard  says  the  Secure¬ 
Login  SSO  v.5  is  a  wholesale  change 
to  Protocom’s  underlying  technology, 
with  the  ActivCard  GUI.  Existing 
ActivCard  customers  are  offered  a 
swap-out,  while  new  customers  wili 
pay  $79  per  seat. 


BY  PHIL  HOCHMUTH 

LAN  cabling  experts  and  vendors  say 
that  organizations  installing  copper  cab¬ 
ling  in  data  centers  should  investigate 
new  unshielded  twisted-pair  products 
that  can  support  future  high-bandwidth 
technologies  such  as  10G  Ethernet. 

Some  chipset  vendors  of  pre-standard 
products  that  run  10G  over  UTP  cabling 
say  their  wares  will  support  10G  over 
older  cabling  plants  —  such  as  Category 
5, 5e  or  6.  But  some  industry  experts  say 
businesses  that  plan  to  invest  in  10G 
Ethernet  would  be  wise  to  upgrade  cop¬ 
per  cabling  to  the  new  Category  6 
Augmented,  or  Category  6a,  standard  of 
UTP  cable  expected  to  be  ratified  by  the 
International  Telecommunication  Union 
early  next  year. 

With  lOGBase-T,  the  standard  for  10G 
Ethernet  over  UTP  cabling,  still  more 
than  a  year  away,  users  have  time  to 
explore  cabling  options.  But  decision 
time  is  coming  up. 

“The  need  is  coming  for  better  cabling 
in  data  centers,”  says  James  Truelove,  a 
network  architecture  consultant  and 


The  short  run 

Most  cable  runs  in  data  centers  are 
short,  which  makes  unshielded  twisted¬ 
pair  copper  cabling  useful  for 
connecting  servers  and  switches. 


Distance  in  meters  and  frequency  used 
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author  of  the  forthcoming  LAN  Cabling, 
Third  Edition.  He  says  applications  that 
have  massive  data  transfer  requirements, 
such  as  video  production, “need  this  now. 


Other  companies  will  follow  in  10G 
adoption  as  10G  ports  become  more  reg¬ 
ular  in  switching  gear.  For  these  compa¬ 
nies,  10G  will  be  a  breath  of  fresh  air.” 
Truelove  says  that  those  who  plan  ahead 
for  the  next  level  of  Ethernet  won’t  be 
faced  with  costly  cable  plant  rip-and- 
replace  projects. 

“The  people  who  purchased  higher- 
quality  cable  have  always  proven  to  be 
rewarded  when  higher-speed  Ethernet 
technologies  were  introduced,”  Truelove 
says.  “That’s  been  a  lesson  with  people 
who  put  in  Category  5,  then  when  they 
wanted  to  go  to  Gigabit  Ethernet,  the 
cable  couldn’t  handle  it.” 

Research  by  J&M  Consultants,  a  tele¬ 
com  engineering  firm,  backs  this  up.  From 
1999  to  2003  —  the  last  year  the  company 
collected  data  —  usage  of  Category  5e 
cabling  dropped  from  around  66%  to 
35%.  Meanwhile,  usage  of  Category  6 
cabling  jumped  from  22%  to  64%  during 
the  same  time  period. 

While  some  pre-standard  lOGBase-T 
vendors  —  chip  makers  and  cable  makers 
See  Cabling,  page  26 


Determina  protects  without  patches 


■  NetlQ  last  week  announced  it  has 
added  security  policy  templates  that 
reflect  the  Federal  Information 
Security  Management  Act  guidelines 
to  the  NetlQ  Security  Compliance 
Suite,  which  is  used  for  vulnerability 
management  and  security  monitoring 
of  servers.  The  FISMA  guidelines  are 
issued  by  the  National  Institute  of 
Standards  and  Technology  to  direct 
federal  agencies  on  how  to  manage 
risk  within  their  IT  environments.  The 
NetlQ  Security  Compliance  Suite 
costs  $1,120  for  server  software. 
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BY  TIM  GREENE 

Intrusion-prevention  vendor  Determina 
this  week  is  expected  to  roll  out  software 
that  shores  up  server  vulnerabilities,  buy¬ 
ing  network  executives  time  until  they 
can  install  permanent  patches. 

The  software,  called  LiveShield,  lets  cor¬ 
porations  fix  security  holes  in  applications 
while  keeping  key  servers  continuously 
online,  avoiding  downtime  that  can  disrupt 
business.  Ultimately  businesses  have  to 
install  traditional  patches  issued  by  ven¬ 
dors  and  reboot  the  servers.  But  with 
Determina  protecting  the  vulnerable  appli¬ 
cation,  the  installation  can  be  safely 
delayed  until  a  time  when  it  won’t  interrupt 
end  users.  Determina  plans  to  announce 
LiveShield  at  the  Demo  conference  this 
week. 

LiveShield  is  an  add-on  to  Determina’s 
intrusion-prevention  software,  Memory 
Firewall,  which  runs  on  the  servers  it  pro¬ 


tects.  Working  together,  the  two  pieces  of 
software  insert  vulnerability  fixes  — 
Determina  calls  them  shields  —  into 
applications  as  they  are  running  in  mem¬ 
ory  on  the  servers.The  shields  are  written 
by  Determina  based  on  the  patches 
issued  by  software  vendors  in  response  to 
reported  vulnerabilities,  and  are  distrib¬ 
uted  and  automatically  installed  on  the 
fly  via  Determina’s  management  software. 

To  do  this,  each  server  must  already  be 
running  Memory  Firewall,  which  controls 
the  running  of  the  application  in  memo¬ 
ry  on  the  server,  where  it  analyzes  appli¬ 
cation  behavior.  When  it  detects  abnor¬ 
mal  behavior  indicating  an  attack,  it 
shuts  down. 

In  combination  with  LiveShield,  Mem¬ 
ory  Firewall  can  insert  code  that  fixes 
vulnerabilities  in  the  application  as  it  is 
running  on  the  server. 

The  shield  is  not  inserted  into  the  appli¬ 


cation  as  it  is  stored  on  the  server  hard 
drive, so  the  actual  patch  will  still  have  to 
be  installed.  With  the  extra  time 
LiveShield  provides,  businesses  can 
schedule  convenient  times  for  installing 
the  security  patches  and  can  test 
whether  other  upgrades  bundled  with 
them  are  compatible  with  other  software 
running  on  the  server  hardware.  By  doing 
so,  businesses  can  avoid  additional 
downtime  that  incompatibility  can 
cause,  says  Nand  Mulchandani,  Deter¬ 
mina’s  vice  president  of  marketing  and 
business  development. 

Determina  must  wait  for  software  ven¬ 
dors  to  issue  their  patches  before  it  can 
write  the  shields.  In  turn  customers  must 
wait  for  Determina  to  issue  the  shields, 
which  it  creates  by  reverse-engineering 
the  patches  to  determine  what  lines  of 
application  code  need  to  be  altered  to 
See  Determina,  page  26 
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□  CAN  IT  HELP  CONTROL  COSTS  AS  WE  GROW 


□  CAN  WE  DEPLOY  IT  QUICKLY 

□  HOW  RELIABLE  IS  IT 

□  ARE  THERE  HIDDEN  COSTS 


Microsoft 


tzfGET  THE  FACTS. 

RAYOVAC  CHOSE  WINDOWS  SERVER  SYSTEM  AND  EXPECTS  TO  SAVE 
NEARLY  ONE  MILLION  DOLLARS. 

"By  choosing  Windows  Server™  over  Linux  for  our  new  SAP  APO  solution,  we'll  save  an 
estimated  one  million  dollars  in  software,  staffing,  and  support  costs  over  the  first  four  years. 
We  needed  performance,  security  enhancements,  and  reliability  at  a  reasonable  price, 
and  Linux  would  have  presented  additional  risks  in  all  of  those  areas.  It  may  be  the  new 
thing  from  a  technical  perspective,  but  Linux  doesn't  cut  it  from  a  business  perspective— 

I  need  a  proven  IT  environment  that  I'm  sure  we  can  support."  jj>iiwr4nw^® 
-Rick  Dempsey,  Chief  Information  Officer,  Rayovac  mmwysw 

For  these  and  other  third-party  findings,  go  to  microsoft.com/getthefacts 


Windows 
Server  System 
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Sigaba  upgrade  secures  outbound  e-mail 


BY  CARA  GARRETSON 

Messaging  security  vendor  Sigaba  last 
week  released  an  upgrade  to  its 
SigabaNet  gateway  software, offering  com¬ 
panies  better  control  over  e-mail  that 
leave  their  organizations. 

SigabaNet  Version  4.3  includes  a  num¬ 
ber  of  enhancements  designed  to  help 
companies  ensure  that  outbound  e-mails 
are  compliant  with  federal  regulations  or 
corporate  guidelines,  and  keep  propri¬ 
etary  information,  such  as  intellectual 
property  inside  the  company,  says  Nancy 
Chou,  senior  vice  president  of  marketing 


with  Sigaba. 

The  new  version  includes  templates  that 
contain  tens  of  thousands  of  words,  codes 
and  phrases,  according  to  company  offi¬ 
cials.  By  filtering  outbound  e-mail  through 
these  templates,  the  software  scans  for 
clues  indicating  an  e-mail  includes  infor¬ 
mation  that  must  be  secured, such  as  data 
related  to  Health  Insurance  Portability 
and  Accountability  Act  regulations  for  the 
healthcare  industry,  officials  say. 

Once  an  outbound  e-mail  is  flagged  for 
securing,  SigabaNet  encrypts  the  message 
and  separately  authenticates  users,  Chou 


says. 

SigabaNet  can  secure  outbound  e-mails 
containing  information  related  to  regula¬ 
tions  such  as  the  Gramm-Leach-Bliley  and 
Sarbanes-Oxley  acts.  The  product  also  can 
flag  e-mails  that  might  contain  intellectual 
property  or  inappropriate  content  and 
block  them  before  they  leave  the  organiza¬ 
tion,  officials  say 

This  release  also  allows  companies  to 
brand  all  customer-bound  outgoing  e- 
mails  with  a  company’s  logo  or  other 
insignia,  officials  say. 

SigabaNet  is  the  company’s  platform 


upon  which  its  products  —  Secure 
Email,  Secure  Statements  and  Secure 
Instant  Messaging  —  are  based. 
SigabaNet  includes  gateway  software 
that  enforces  preset  policies,  key  services 
for  managing  encryption  and  authenti¬ 
cation  services. Typical  pricing  for  one  of 
the  products  based  on  SigabaNet  is 
$23,000,  officials  say.  ■ 

MESSAGING 

Subscribe  to  our  free  newsletter. 
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Cabling 

continued  from  page  23 

such  as  SolarFlare  —  say  their  gear  will  run 
10G  over  older  Category  5e  links, Truelove  says 
Category  6  at  the  minimum,  and  preferably 
Category  6a  cabling,  should  be  installed. 

“The  distances  being  kicked  around  are  up  to 
55  meters,  whereas  a  normal  run  is  100  meters,” 
for  Ethernet  over  UTRTruelove  says.“A  lot  of  hor¬ 
izontal  runs  are  not  that  long,  but  augmented 
Category  6  cabling  will  sup¬ 
port  that  easiljf 
Most  data  center  cable 
runs  should  be  under  100 
meters,  according  to 
Mazzetti  and  Associates, 
a  data  center  engineering 
and  consulting  firm. 

Research  of  its  own  cus¬ 
tomers,  ranging  from  cor¬ 
porate  to  educational  and 
government  sites,  found 
that  half  of  the  UTP  cabling 
run  in  data  centers  is  under 
30  meters  —  usually 
bunches  of  cabling,  con¬ 
necting  switches  and 
servers.  Only  about  1%  of  the  cable  installed 
reached  the  100-meter  limit  of  UTP 
Category  6a  cabling  also  figures  into  the 
latest  blueprints  outlined  in  the  TIA-942  Data 
Center  Standard.  This  standard,  put  together 
by  architects,  engineers,  manufactures  and 
users,  is  a  blueprint  for  how  data  centers 


should  be  physically  constructed,  including 
specifications  for  heating/cooling,  raised 
floors,  and  the  types  of  racks  and  cabling 
used. 

The  key  to  Category  6a  is  its  higher-frequen¬ 
cy  support  —  up  to  500  Mhz,  twice  the  band¬ 
width  of  Category  6,  which  is  250  Mhz.  The 
higher  megahertz  support  allows  cabling 
to  handle  the  greater  amount  of  noise 
and  crosstalk  that  occurs  on  a  wire  when 
10G  bit/sec  instead  of  10M,  100M  or  1000M 
bit/sec  are  running  over  the 
wire  pairs. 

“If  you  don’t  measure  and 
control  these  things  and  you 
run  signals  at  a  higher  fre¬ 
quency,  all  of  a  sudden 
strange  things  can  happen,” 
says  Luc  Adriatsos,  vice  pres¬ 
ident  of  R&D  at  Systemax,  a 
maker  of  structured  cabling. 
“With  Category  6a,  it’s  quali¬ 
fied  to  run  at  that  high  level, 
so  there  won’t  be  any 
issues.” 

“For  new  data  centers 
going  in,  we  strongly  recom¬ 
mend  Category  6a.  Also, 
knowing  that  10G  in  data  centers  is  coming 
very  quickly’’ Adriatsos  says. 

Cabling  specialists  estimate  that  Category  6a 
costs  20%  more  to  run  than  Category  6. 
Users  also  can  expect  to  pay  almost  a  50% 
price  difference  between  Category  5e  and 
Category  6a.  ■ 
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Setting  the  IT  agenda  will  deliver  straight 
talk  from  the  leaders  of  AT&T,  EMC,  HP, 
Intel,  Microsoft,  Sun  and  more  on  security, 
collaboration,  IT  flexibility  and  more  at  the 
gathering  of  key  stakeholders  in  enterprise 
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Determina 

continued  from  page  23 

fix  vulnerabilities,  Mulchandani  says. Writing  a 
shield  takes  12  to  24  hours  after  a  patch  is 
received,  he  says. 

The  company  writes  shields  for  all  enter¬ 
prise  Windows  applications  and  Citrix,  and  is 
testing  with  other  vendors,  Mulchandani  says. 
It  does  not  write  them  for  custom  applications 
that  businesses  might  have  written  for  them¬ 
selves,  he  says. 

Determina’s  intrusion-prevention  software 


competes  against  Sana  Security,  Network 
Associates  with  its  Entercept  software  and 
Cisco  with  its  Security  Agent.  Start-up  PivX  also 
has  a  host-based  IPS,  although  none  of  these 
has  code-mending  software  like  LiveShield. 
Blue  Lane’s  Patch  Point  software,  which  it  calls 
a  patch  proxy,  also  performs  a  similar  function 
to  that  of  LiveShield. 

LiveShield  is  scheduled  to  be  available  at 
the  end  of  the  month.  It  comes  bundled 
with  Memory  Firewall  for  $750  per  server. 
Memory  Firewall  without  LiveShield  costs  $500 
per  server.  ■ 


Cisco  tackles  RFID 
in  the  network 

BY  JOHN  COX 

Cisco  last  week  took  the  first  step  in  building  into  its  network  hardware 
new  software  that  will  help  users  more  easily  handle  RFID  traffic. 

Cisco  announced  a  board  that  slots  into  its  2800  or  3800  routers,  and  a 
blade  for  the  Catalyst  6500  switch  chassis,  with  software  from  Cisco  and 
an  embedded  version  of  ConnecTerra’s  RFTagAware  middleware  for 
RFID. 

These  devices  now  can  filter  raw  RFID  traffic  at  the  edge  of  the  network, 
as  well  as  pass  it  through  to  data  center  switches  where  it  can  be  col¬ 
lected  and  managed, and  passed  on  to  applications.The  Cisco  code,  with 
ConnecTerra’s  software,  lets  administrators  create  policies  on  where  and 
how  RFID  traffic  is  to  be  handled  in  the  network,  then  distribute  these 
policies  to  Cisco  routers  and  switches. 

The  new  product  is  called  Cisco  Application  Oriented  Network 
(AON)  for  RFID  Solution  and  is  priced  at  $16,250.  It  is  set  to  ship  in 
October.  AON  is  Cisco’s  effort  to  create  software  that  will  let  its  network 
gear  route  and  manage  traffic  based  on  the  content  of  application  mes¬ 
sages,  such  as  purchase  orders  or  stock  trades,  rather  than  lower-level, 
generic  packets. 

The  overall  goal  of  the  new  RFID  board  is  to  help  corporations  install 
and  run  large  numbers  of  RFID  tags  and  readers,  and  then  manage  these 
and  their  traffic  as  part  of  their  existing  corporate  networks. 

“With  RFID,  a  whole  bunch  of  network  services  around  it  will  be  pro¬ 
visioned  in  the  [Cisco]  network,”  says  Mohsen  Moazami,  vice  presi¬ 
dent  of  retail  and  distribution  at  Cisco  and  the  person  in  charge  of  the 
vendor’s  RFID  efforts.'Those  services  include  security,  location  aware¬ 
ness,  device  management,  filtering  and  prioritization." 

The  new  hardware  module  also  lets  the  network  devices  apply  QoS 
policies,  take  action  on  RFID  events  at  the  edge  of  the  network  and 
shield  back-end  applications  from  having  to  know  details  about  spe¬ 
cific  RFID  readers  or  servers. 

Other  elements  of  Cisco’s  RFID  push  include  recently  created  and 
expanded  consulting  services  to  help  customers  with  various  phases 
of  RFID  deployment;  partnerships  with  software  vendors  who  are  sup¬ 
porting  the  embedded  Cisco  software;  and  the  company’s  802.1 1  wire¬ 
less  LAN-based  tagging  and  tracking  product,  the  Cisco  2700  Wireless 
Location  Appliance,  from  its  Airespace  acquisition. 

The  new  package  of  consulting  services  includes  a  readiness  assess¬ 
ment  of  a  customer’s  existing  network  infrastructure  and  an  RFID 
pilot  program. 

A  key  partner  for  Cisco  is  ConnecTerra,  which  provides  infrastruc¬ 
ture  software  for  RFID  and  client  devices.  Also  announced  were  part¬ 
nerships  with  Intermec  and  ThingMagic  for  active  RFID  tags,  and 
PanGo  Networks.* 


EtherScope  and  OptiView  -  Two  Portable  Network 
Analyzers  created  to  help  prove  it's  not  a  network 
problem.  Faster.  Quickly  proving  problems  are  not 
network  problems  is  exactly  what  our  portable 
analyzers  are  all  about.  Unlike  a  protocol  analyzer 
or  laptop  freeware,  they  give  you  the  complete  vision 
you  need  to  quickly  and  accurately  diagnose  problems. 
For  example,  you  can  track  down  connectivity 


problems  and  incorrectly  configured  stations,  identify 
causes  of  network  slowdowns  (like  excessive  broad- 

^  :  ;:V 

casts)  and  spot  bandwidth  hungry  applications. 

AU  with  one  tool:  a  Fluke  Networks'  portable  analyzer. 
Simply  put,  they're  the  best  way  to  prove  it's  not  the 
network's  fault.  And  the  surest  way  to  start  getting  a 


little  more  respect  around  the  office. 


Prove  it's  not  the  network's  fault.  Faster. 
Visit  www.flukenetworks.com/PNA  to  see 
how  one  of  our  portable  analyzers  can  make 
your  job  easier. 
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ADIG  boost  backups 


Short  Takes 


■  Intradyn  last  week  launched  a 
version  of  its  e-mail  archiving  appli¬ 
ance,  Comp!ianceVault06,  which 
includes  a  new  user  interface, 
enhanced  search  capabilities,  the 
ability  to  export  search  results  to  a 
file,  CD,  e-mail  or  hard  copy  and  addi¬ 
tional  audit  features.  The  appliance, 
which  also  can  encrypt  tapes,  stores 
e-mail  on  disk  and  tape.  The  new  ver¬ 
sion,  available  in  a  11)  (1.75-inch  high) 
rack-mounted  enclosure,  starts  at 
just  under  $10,000. 

■  Permabit,  a  Cambridge,  Mass., 
maker  of  storage  boxes  for  electronic 
archiving  and  record  retention,  says  it 
has  received  $12  million  in  third-round 
funding,  bringing  its  total  to  $32  mil¬ 
lion.  The  new  capital  will  be  used  to 
hire  marketing,  services,  sales  and 
support  staff,  the  company  says. 
Baker  Capital  led  the  venture  round. 

■  Quest  Software  last  week 
announced  storage-management 
software  for  Microsoft  Exchange 
environments  that  lets  customers 
manage  their  e-mail  system  use  and 
meet  compliance  requirements.  The 
Quest  Storage  Suite  for  Exchange  is 
integrated  with  the  Microsoft 
Management  Console  and  includes 
traffic  analysis  and  reporting  capabil¬ 
ities,  archive  software  and  e-mail 
recovery.  The  suite  includes  Storage 
Consolidator  for  Windows,  which 
automates  the  migration  of  data,  and 
Storage  Manager  for  Windows,  which 
collects  capacity  metrics,  so  adminis¬ 
trators  can  delete  data  or  update  the 
ownership  of  files.  Quest  Storage 
Suite  for  Exchange  is  available  for 
$40  per  user  mailbox. 

■  Sun  this  week  is  expected  to  roll 
out  servers  based  on  an  updated 
SPARC  chip  that  enables  faster  pro¬ 
cessing  at  the  same  price  as  existing 
UltraSparc  IV  boxes,  which  start  at 
about  $30,000  for  a  two-processor 
configuration. The  UltraSPARC  IV+ 
will  run  at  1.5  GHz,  compared  with 
the  1.3  GHz  UltraSPARC  IV. 
UltraSPARC  IV+  has  a  2M-byte  L2 
cache  and  a  32M-byte  off-chip  cache. 


Quantum, 

BY  DENI  CONNOR 

Quantum  and  ADIC  announced  sepa¬ 
rately  last  week  products  designed  to  let 
customers  use  a  mix  of  tape  cartridges  to 
archive  data  and  support  information  life- 
cycle  management. 

The  ability  to  intermix  media  types, 
including  Limited  Tape  Open  (LTO), Super 
Digital  Linear  Tape  (SDLT)  and  Ultra 
Density  Optical  (UDO),  is  an  increasingly 
important  feature,  says  Dianne  McAdam, 
senior  analyst  at  the  Data  Mobility  Group. 

“If  the  SDLT  cartridges  can  store  more 
capacity  than  the  LTO  cartridges,  then  you 
can  tell  the  back-up  software  to  send  large 
jobs  to  the  SDLT  pool  and  smaller  jobs  to 
the  LTO  pool,”  she  says. 

Quantum’s  PX500  Series  consists  of  the 
PX502,  PX506  and  PX510  modular  systems 
for  backing  up,  recovering  and  archiving 
customer  data.  The  systems  include  Quan¬ 
tum’s  FlexLink  architecture,  which  allows 
them  to  be  stacked  and  linked  via  infrared 
technology 


Just  as  Bill  Gates  “discovered”  the  Internet 
and  the  World  Wide  Web  in  1995,  he  evi¬ 
dently  woke  up  recently  to  discover  there 
was  another  niche  that  his  company  wasn’t 
serving  adequately  —  the  midsize  market. 
Never  mind  that  “SMB,”  for  small  and  mid¬ 
size  business,  has  been  with  us  for  many 
years,  used  even  by  Microsoft  in  its  market¬ 
ing  efforts.  No,  there’s  too  much  difference, 
evidently  between  an  organization  with  25 
PCs  and  one  with  75,  both  in  terms  of  their 
software  needs,  as  well  as  in  the  expertise 
they  have  to  run  that  software. 

Redmond’s  recently  announced  “Centro” 
server  system  is  aimed  squarely  at  that 
well-defined  (ha!)  midmarket  segment  — 
the  organization  with  25  to  500  PCs.  Recall, 
though,  that  Microsoft’s  Small  Business 
Suite  is  aimed  at  organizations  with  50  PCs 
or  fewer.  Why  the  overlap?  According  to 
Steven  VanRoekel,  director  of  midsize  busi¬ 
ness  solutions  strategy  at  Microsoft,  one  dif- 


“Scalable  growth  is  very  cool,  but  I  like 
that  in  three  years  you  can  rip  them  apart 
and  let  different  departments  repurpose 
them.  They  have  a  far  longer  useful  life 
than  most  tape  libraries,”  says  Steve 
Duplessie,  senior  analyst  at  the  Enterprise 
Strategy  Group. 

The  PX500  series  can  be  configured  with 
SDLT  600,  LTO-2  or  LTO-3  drive  cartridges. 
They  also  support  hot-swappable  drives, 
redundant  power  supplies  and  SCSI  or 
Fibre  Channel  connectivity  A  Web-based 
management  console  also  is  available. 

The  models  range  from  4U  to  18U  in  size 
and  support  as  many  as  576G  bytes  of  data 
an  hour  on  the  low  end  to  2,880G  bytes 
per  hour  on  the  high  end. The  smallest  of 
the  new  boxes  starts  at  less  than  $12,000; 
the  high-end  system  starts  at  $33,000. 

Archiving  support 

ADIC’s  AMASS  5.5  is  near-line  archiving 
software  for  network-  and  direct-attached 
storage  environments  that  supports  ADIC,  as 


ferentiator  is  staff.The  midsize  organization 
has  “an  IT  person  on  staff  that  actually 
manages  the  systems  in  place.  They  have 
an  IT  budget.” 

But  there’s  also  a  difference  between  a 
midsize  company  and  a  corporation, 
according  to  VanRoekel: “The  IT  staff  tends 
to  have  very  limited  resources  in  terms  of 
time,  money  and  personnel.  [Midsize] 
companies  tend  to  have  one  or  two  people 
that  not  only  manage  the  server  infrastruc¬ 
ture,  but  also  the  desktops  or  the  fax 
machines  and  pretty  much  anything  with  a 
plug  or  a  wire.”  What  they  need  is  manage¬ 
ment  help,  and  that’s  what  Centro  brings  to 
the  table. 

Centro  will  have  the  same  Windows 
Longhorn  server  that  small  businesses  and 
large  companies  will  use.  It  will  include 
Exchange  server,  like  the  Small  Business 
Suite.  But  it  will  have  a  “next-generation 
management  experience,  plus  next-genera¬ 
tion  security  technologies,  brought  togeth¬ 
er  into  a  single  solution  specifically 
designed  for  the  IT  professional  in  midsize 
businesses,”  VanRoekel  says.  Doesn’t  that 
give  you  a  warm  and  fuzzy  feeling? 

A  better  management  solution  is  nothing 
to  sneeze  at,  but  organizations  large  and 


well  as  tape  libraries  and  DVD  and  optical 
libraries  from  such  vendors  as  IBM  and  Sun. 

AMASS  5.5  has  the  capability  to  support 
mixed  media  —  including  SDLT,  LTO,  AIT 
or  UDO  —  and  migrate  data  from  one 
media  type  to  another.  This  means  that 
customers  can  manage  large,  file-based 
data  sets  over  long  periods  and  enable 
policies  that  automatically  direct  the 
migration  of  data. 

AMASS  5.5  includes  ADIC’s  Infinite  File 
Life  (IFL)  technology  to  support  all  genera¬ 
tions  of  LTO  tape  media.  IFL  tests  the 
integrity  of  data  stored  on  an  LTO  cartridge 
and  send  it  to  new  media  when  specified 
error-rate  thresholds  are  met. 

AMASS  5.5  starts  at  $14,800,B 

STORAGE 

Subscribe  to  our  Storage  in  the  Enterprise  newsletter. 
Recent  topics  include  integrated  monitoring  of  networks 
and  storage,  and  the  challenges  of  dealing  with  very  large 
data  files,  www.networkworld.com,  DocFinder:1019 


small  need  it.  The  number  of  platforms 
doesn’t  define  either  the  breadth  or  the 
intensity  of  your  IT  effort  any  more  than  the 
number  of  telephones  in  an  organization 
typifies  its  marketing  effort. 

If  Microsoft  truly  was  listening  to  its  cus¬ 
tomers,  then  it  would  know  we  want  these 
services  and  applications,  but  also  that  we 
want  to  customize  our  own  solution  set  to 
fit  the  needs  of  our  business  —  no  matter 
how  many  PCs  we  have. 

Kearns,  a  former  network  administrator,  is 
a  freelance  writer  and  consultant  in  Silicon 
Valley.  He  can  be  reached  at  wired 
@vquill.com. 


Tip  of  the  Week 


■  Gates  and  Co.  repositioned  some  applica¬ 
tions  (Great  Plains,  Solomon)  for  the  midrange 
market  (www.networkworld.com,  DocFinder: 
8924).  This  isn’t  about  new  software  or  func¬ 
tionality,  but  about  fighting  the  Linux  and 
Oracle  efforts  in  midsize  organizations. 


SMB:  Size  doesn't  matter 
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Oracle’s  spree  changes  CRM  landscape 


BY  JOHN  COX 

In  the  beginning,  customers  won’t  see  any 
major  changes  as  a  result  of  Oracle’s  deci¬ 
sion  to  buy  Siebel  Systems  last  week.  Most 
of  the  short-term  benefits  will  be  reaped  by 
Oracle  over  the  next  calendar  and  fiscal 
years,  as  Siebel’s  software  licenses,  mainte¬ 
nance  contracts  and  consulting  fees  fatten 
Oracle’s  revenue  and  profit  results. 

But  in  the  long  term,  corporate  executives 
will  have  to  assess  how  successful  Oracle  is 
with  Project  Fusion,  the  company’s  ambi¬ 
tious  new  architecture  designed  to  create  a 
common  foundation  for  its  applications, 
including  four  separate  CRM  offerings: 
Oracle’s  own;  PeopleSoft,  which  Oracle 
acquired  in  January;  JD  Edwards,  which 
PeopleSoft  bought  while  it  tried  to  fight  off 
Oracle’s  hostile  takeover;  and  now,  Siebel. 

Siebel  markets  a  suite  of  CRM  applica¬ 
tions,  including  versions  tailored  for  several 
vertical  industries,  such  as  manufacturing 
and  distribution,  telecom,  life  sciences, 
financial  services  and  public  sector.  Its  list 
of  top  customers  reads  like  a  who’s  who  of 
high  tech:  IBM,  HRMicrosoft,  Cisco  and  Sun, 
as  well  as  Deutsche  Telecom,  General 
Motors  and  Bank  of  America. 

Oracle’s  first  goal  will  be  to  take  care  of 
the  flood  of  new  customers  using  software 
developed  by  someone  else.  “In  the  short- 
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term,  Oracle  is  working  very  hard  to  main¬ 
tain  customer  satisfaction  and  minimize 
concerns  about  support,”  says  Stuart 
Williams,  an  analyst  who  focuses  on  enter¬ 
prise  applications  for  Technology  Business 
Research. 

So  far  it  seems  to  be  working. 

“We’re  a  fairly  substantial  JD  Edwards  cus¬ 
tomer,  and  we  haven’t  seen  any  negative 
impact  with  respect  to  that,”  says  Stephen 
Pickett,  vice  president  and  CIO  of  Penske,  a 
transportation  services  company  in  Bloom¬ 
field,  Mich.“We  are  running  Siebel  at  one  of 
our  subsidiaries.  It’s  good  to  hear  that  Siebel 
now  has  a  deep  pocket, which  it  didn’t  have 
before  and  I  think  it  would  continue  [soft¬ 


ware]  development.  More  and  more  of  our 
software  is  running  on  Oracle,  and  so  far 
they’ve  been  a  viable  partner’’ 

But  this  continuity  hides  the  fact  that 
Oracle  is  in  the  midst  of  a  market-shifting 
transformation.  “Oracle  has  taken  a  huge 
lead  in  the  CRM  marketplace,”  Williams 
says.  “They’ve  completed  their  transforma¬ 
tion  from  being  just  a  database  company  to 


being  a  company  with  database,  middle¬ 
ware  and  applications.” 

This  is  the  core  software  stack  that  big  cor¬ 
porations  rely  on  to  run  their  businesses. 
Increasingly  these  corporations  want  these 
applications  built  on  a  consistent  frame¬ 
work,  says  Peter  Kelly  senior  analyst  with 
Burton  Group,  an  IT  research  firm. 

See  Oracle,  page  34 


I  Start-up  management  vendor 
Race  has  announced  the  second  gen¬ 
eration  of  its  flagship  appliance  and 
software  product,  KBOX  IT  Manage¬ 
ment  Suite.  The  appliance  is  connect¬ 
ed  to  a  network  and  distributes  soft¬ 
ware  agents  to  managed  devices 
upon  installation.  Version  2.0  supports 
two  add-on  modules  that  Kace  says 
will  help  small  and  midsize  companies 
perform  vulnerability  scans  and  ma¬ 
chine  audits.  The  latest  version  also 
adds  automatic  remote  discovery, 
remote-control  features  and  upgrad¬ 
ed  patch  management  utilities.  KBOX 
IT  Management  Suite  2.0  costs  $7,500 
for  a  100-node  network  and  about 
$20,000  for  a  1,000-node  network. 


■  Peregrine  Systems  last  week 
announced  Enterprise  Discovery  2.0 
software,  which  the  company  says 
will  help  customers  discover,  inven¬ 
tory  and  manage  hardware,  soft¬ 
ware  and  network  devices.  The  soft¬ 
ware  works  with  or  without  agents, 
depending  on  the  level  of  detail 
desired,  and  captures  cross-plat- 
form  configuration  data  on  desk¬ 
tops  and  servers.  It  then  populates 
a  database  with  the  software  inven¬ 
tory  information.  Peregrine  says  it 
can  capture  as  many  as  1,500 
attributes.  Enterprise  Discovery  2.0 
is  available,  and  an  average  imple¬ 
mentation  can  cost  between 
$75,000  and  $100,000. 


Start-up  takes  aim 
at  Salesforce.com 


BY  JENNIFER  MEARS 

A  start-up  that  delivers  applications  over 
the  Web,  iRadeon  aims  to  beat  Sales 
force.com  at  its  own  game  by  bringing  a 
lower-cost,  easy-to-deploy  alternative  to 
the  CRM  software  market  —  and  it’s  doing 
it  with  a  twist:  open  source. 

The  company,  which  launched  in  1999, 
began  delivering  a  handful  of  open  source 
applications  on  demand  last  summer, 
including  NETOffice  open  source  project 
management  and  ATutor  open  source  e- 
learning  software.This  week,  the  company 
is  scheduled  to  roll  out  an  updated  ver¬ 
sion  of  its  hosted  open  source  CRM  offer¬ 
ing,  SugarCRM  3.5. 

The  package  costs  $150  per  month  for  25 
users  compared  with  Salesforce.com’s 
starting  price  of  $1,625  for  the  same  num¬ 
ber  of  users. 

It’s  the  same  kind  of  proposition 
Salesforce.com  introduced  to  the  market 
when  it  launched  six  years  ago.  At  that 
time,  Salesforce  was  the  only  firm  to  deliv¬ 


er  a  hosted  CRM  application,  meaning  that 
end  users  could  simply  tap  into  the  soft¬ 
ware  rather  than  having  to  wrestle  with 
large-scale  and  expensive  in-house 
deployments. 

Tim  Krozek,  director  of  sales  at  Efficient 
Frontier,  a  search  engine  marketing  firm  in 
Mountain  View,  Calif.,  says  he  used  Sales- 
force.com  for  years  because  it  was  more 
affordable. 

“A  few  years  ago,  Salesforce  was  right 
because  there  was  no  other  game  in 
town,”  Krozek  says. “You  had  to  use  Siebel 
or  something  like  that  or  something  less 
than  optimal  like  Outlook.To  deploy  some 
large  Siebel  system  is  incredibly  pricey” 

Efficient  Frontier  recently  switched  to 
iRadeon,  however,  because  the  small 
company  was  running  into  pricing  issues 
as  it  looked  to  add  more  users  to  the  CRM 
system,  Krozek  says. 

“We  were  paying  in  the  neighborhood  of 
about  $600  a  month  for  Salesforce,  and  we 
See  iRadeon,  page  34 
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Cerf  moves  up  the  stack 


NET  INSIDER 


Scott  Bradner 


In  a  great  move,  Internet  pioneer 
Vint  Cerf  has  just  moved  up  the 
Open  Systems  Interconnection 
stack  from  Layer  3  (networking) 
to  Layer  7  (application)  by  leav¬ 
ing  MCI  and  joining  Google  as 
chief  Internet  evangelist. 

Maybe  he  was  just  escaping  the 
fate  of  becoming  an  internal  body 
part  of  a  local  telephone  compa¬ 
ny  and  the  prospect  of  having  to 
work  with  the  company  on 
Internet-related  technical  issues. 
Or  maybe  Google  offered  him  a 


deal  he  was  too  smart  to  turn 
down. 

Whatever  the  reason,  the  move 
is  a  great  symbol  of  a  value  move 
that  has  been  accelerating  with 
the  shift  to  converged  networks. 
According  to  the  FCC,  telecom 
business  in  the  U.S.  totaled  about 
$295  billion  in  2004. 1  could  not 
find  a  table  that  said  how  much 
of  that  is  taxes  of  various  types.  If 
my  home  bill  is  any  guide,  it 
could  be  as  much  as  one-quarter 
of  the  non-wireless  part  and  a  bit 
less  than  10%  of  the  wireless  part. 
Certainly,  telecom  has  been  a 
cash  cow  for  governments. 

But  what  is  the  future  of  this 
business?  If  long-distance  and  cell 
phone  prices  provide  any  guide, 
revenues  will  go  down  by  a  factor 
of  five  to  10  over  the  next  five 
years  —  mostly  because  of  com¬ 


petition.  If  instead  you  use  local 
phone  service  as  a  guide,  the 
price  will  go  up  by  a  factor  of 
three  over  the  same  time  period. 
My  bet  is  on  steep  reductions. 
There  is  just  too  much  competi¬ 
tion  in  the  voice  business  with 
cell  phones  and  from  the  Internet 
(VoIP  video  chat  and  e-mail).  I 
also  expect  that  telecom  compa¬ 
nies  will  be  in  for  some  very  lean 
times,  with  more  going  through 
consolidation,  bankruptcy  or  just 
going  out  of  business. 

Of  course,  governments  could 
fix  their  declining  revenues  by 
raising  tax  rates.  Cerf  was  instru¬ 
mental  in  creating  the  Internet-as- 
transport  system  that  we  are  just 
learning  how  to  use  to  its  full 
potential.  He  helped  to  define  the 
technology  deploy  the  ARPANet, 
and  nurture  the  IETF  as  the 


Internet  standards  organization 
and  the  Internet  Society  to  help 
bring  the  Internet  to  most  of  the 
world.  Recently  he  helped  man¬ 
age  Internet  Corporation  for 
Assigned  Names  and  Numbers, 
the  coordinator  of  key  Internet 
functions.  Thus  Cerf  has  concen¬ 
trated  on  the  transport  and  politi¬ 
cal  layers  of  the  OSI  stack. 

Now  he  has  moved  directly  to 
the  application  layer,  to  just  where 
the  most  exciting  action  is  and 
will  continue  to  be  as  long  as  the 
telecom  industry  lets  it  be.  Google 
exists  because  the  Internet  is 
open.  No  one  needed  to  give 
Google  permission  to  run  over  the 
Internet,  and  Google  did  not  need 
to  work  out  payment  plans  to 
compensate  the  telecom  industry 
for  the  use  of  “its”  network.  In  my 
mind,  1  pay  for  Google  to  use  the 


Internet,  at  least  the  path  to  me, 
with  what  I  pay  my  ISP 

1  cannot  imagine  a  place  more 
suited  for  Cerf.  Google  is  easily  the 
most  dynamically  innovative 
company  in  the  whole  Internet 
space.  1  expect  Cerf  will  suddenly 
feel  much  younger,  like  back  in 
the  early  days  of  what  became  the 
Internet,  where  everything  was 
possible  and  nothing  was  pre¬ 
dictable. 

Disclaimer:  For  good  students  at 
Harvard  anything  is  possible  and 
little  is  predictable,  just  as  it 
should  be.  But  I  know  of  no  uni¬ 
versity  opinion  on  Cerfs  change 
of  employer. 

Bradner  is  a  consultant  with 
Harvard  University's  University 
Information  Systems.  He  can  be 
reached  at  sob@sobco.com. 
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That’s  what  Oracle  is  attempt¬ 
ing  to  do  with  Project  Fusion  — 
a  grand  scheme  to  devise  a  new 
framework  for  all  its  applica¬ 
tions.  These  next-generation 
applications  will  be  based  on  a 
service-oriented  architecture 
(SOA),Web  services  and  XML 

A  question  of  Fusion 

Project  Fusion  is  intended  to 
create  a  common  data  model 
and  application  architecture  to 
let  CRM  and 
other  enter¬ 
prise  applica¬ 
tions,  such  as 
supply-chain 
management, 
procurement 
and  financials, 
all  work  togeth¬ 
er  smoothly. 

Oracle  CEO 
Larry  Ellison 
last  week  made  it  clear  that  the 
future  Fusion  CRM  product  will 
be  driven  by  Siebel’s  software 
expertise.  “There’s  no  question 
that  Siebel  products  are  more 
broadly  deployed  and  more  fea¬ 
ture-rich,”  he  said  during  the 
press  conference  announcing 
the  $5.8  billion  deal.  “And  they 
will  be  the  centerpiece  of  our 
[CRM]  strategy  going  forward.” 
The  first  components  of  this 
new  product  are  due  out  in 
2007. 


Other  components  in  the  com¬ 
plete  Fusion  stack  will  be  pro¬ 
ject  management,  collaboration 
programs  and  business  intelli¬ 
gence.  The  entire  grouping  will 
be  designed  so  it  can  be  tailored 
to  fit  different  markets,  such  as 
public  sector,  manufacturing,  life 
sciences,  retail  and  healthcare. 

“If  there’s  an  Achilles’  heel  in 
Oracle’s  plan,  this  is  it,”  Williams 
says. 

“It  comes  down  to  how  effec¬ 
tively  and  quickly  Oracle  can 
pull  these  elements  together,” 
says  Burton  Group’s  Kelly.  Oracle 
archrival  SAP 
AG  and 

Microsoft  in  the 
midrange  mar¬ 
ket  are  also 
attempting  sim¬ 
ilar  efforts.  The 
result,  Kelly 
says,  will  be 
“super  plat¬ 
forms”  that  offer 
end-to-end 

functionality. 

A  related  project  is  Oracle 
Fusion  Middleware,  the  first  com¬ 
ponents  of  which  are  scheduled 
to  be  released  this  week.This  pro¬ 
ject  consolidates  a  range  of 
Oracle  middleware  products,  all 
based  on  an  SOA  foundation: 
Oracle  Application  Server  lOg; 
other  Application  Server  prod¬ 
ucts  and  options;  Oracle  Data 
Hubs;  and  Oracle  Collaboration 
Suite  applications. 

Williams  expects  this  week’s 


“It  comes  down  to 
how  effectively 
and  quickly  Oracle 
can  pull  these  ele¬ 
ments  together.” 

Peter  Kelly,  senior  analyst, 
Burton  Group 


iRadeon 

continued  from  page  31 

had  about  nine  users,”  he  says. 
“Ultimately,  what  we’re  hoping  to 
do  is  get  our  client  services  on 
board  and  some  of  our  engineer¬ 
ing  operations  on  board  with  a 
centralized  product.  To  add  those 
people  [to  Salesforce.com] 
would  have  been  really,  really 
cost-prohibitive.” 

Analysts  say  iRadeon,  which 
markets  to  small  and  midsize 
firms,  as  well  as  departments 
within  larger  companies,  is  tap¬ 
ping  into  an  area  where  there  is 
growing  demand.  A  recent  sur- 


0n  demand 

IT  managers  spent  about 

$300  million 

for  on-demand  CRM  applica¬ 
tions  in  2004,  according  to 
IDC. 

vey  by  Nucleus  Research  of  29 
Salesforce.com  customers  found 
that  while  they  were  happy  with 
Salesforce.com,  38%  were  plan¬ 
ning  to  or  would  consider  mov¬ 
ing  to  another  CRM  provider. 

Others,  such  as  NetSuite, 
RightNow  Technologies,  Salesnet 


and  Siebel  also  offer  on-demand 
CRM.  But  Rebecca  Wettemann, 
vice  president  of  research  at 
Nucleus,  says  iRadeon  is  unique 
because  it  is  offering  an  open 
source  alternative. 

“Until  we  see  more  packaged 
applications  coming  out  in  the 
open  source  world,  going  to  on- 
demand  is  a  great  way  to  get 
value  out  of  something  like  CRM 
and  project  management  without 
having  to  make  the  investment  in 
custom  development  that  using 
open  source  typically  requires 
today”  Wettemann  says.  “This 
removes  a  pretty  big  stumbling 
block  for  small  companies.”  ■ 


Fusion  Middleware  news  to 
focus  on  SOA  connections  and 
interfaces,  which  will  let  Oracle 
add  an  SOA  layer  around 
chunks  of  existing  software,  and 
make  these  functions  and  appli¬ 
cations  easily  called,  and  used, 
by  other  components. 

Another  question  involves  how 
aggressively  Oracle  embraces 
online  applications. 

Siebel  CRM  faltering 

Siebel  in  the  past  few  quarters 
has  been  promoting,  with 
mixed  results,  its  hosted  CRM 
offering,  Siebel  On-Demand, 
partly  in  response  to  the  suc¬ 
cess  of  hosted  CRM  market 
leader  Salesforce.com  and  sev¬ 
eral  other  online  application 
vendors. 


In  fact,  Siebel  unveiled  the  lat¬ 
est  version  of  its  CRM  On- 
Demand  software,  Release  9,  on 
the  same  day  the  sale  of  the 
company  was  announced.  CRM 
OnDemand  9  is  Siebel’s  fourth 
release  of  its  hosted  CRM  soft¬ 
ware  this  year.  The  new  version 
integrates  with  IBM’s  Lotus 
Notes  Groupware,  as  well  as 
Siebel’s  own  hosted  contact 
center,  Contact  OnDemand,  and 
the  company’s  on-premises 
CRM  software. 

Corporate  users  and  channel 
partners  can  customize  CRM 
OnDemand  to  enable  them  to 
brand  the  applications  as  their 
own  before  they  deploy  them  to 
their  staff  and  customers,  Siebel 
says. 

Siebel  hopes  that  adding  full 


support  for  Lotus  Notes  will 
attract  more  customers.  Pre¬ 
viously,  the  company’s  software 
supported  only  Microsoft’s  Out¬ 
look  groupware. 

Meanwhile,  Ellison  empha¬ 
sizes  how  important  the  online 
business  is  to  Oracle’s  future. 
“It’s  a  key  part  of  our  strategy 
and  a  key  reason  for  us  to  do 
the  deal,”  he  says.  “We  intend  to 
invest  heavily  in  the  OnDemand 
products.  And  I  think  the  fea¬ 
tures  in  the  [corporate]  soft¬ 
ware  will  continue  to  migrate  to 
the  OnDemand  product.”  ■ 
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SPECIAL  FOCUS 


DESKTOP  MANAGEMENT 


Client  systems  get  better  management  tools 


Dominating  desktops 


When  asked  which  client-management  system  they  used,  a  majority  of  110  IT 
executives  indicated  that  large  systems-management  tools  fit  the  bill. 

Who  is  your  primary  vendor  for  commercial  client-management  software? 


Microsoft  SMS 

Novell  ZENWorks 

IBM  Tivoli 

Altiris/Wise 

Symantec 

Computer 

Associates 

HP/Novadigm 
LANDesk  Software  f 
Other 


30% 

41% 


3% 

4% 

8% 
7% 


Symantec  has  done  well  in  the  SMB 
markets  in  part  because  SMBs  are  more 
likely  to  use  imaging  and  recovery  tools 
tools  such  as  Ghost  instead  of  full-blown 
management  tools. 


H  SMB 
1111  Enterprise 

Based  on  40  North  American  SMBs 
and  70  North  American  enterprises 
(percentages  may  not  total  100 
because  of  rounding) 

SOURCE:  FORRESTER  RESEARCH 


BY  DENISE  DUBIE 

Managing  client  devices  presents  a 
conundrum  to  IT  managers  looking  to 
monitor  activity,  secure  systems  and 
improve  performance  across  disparate 
machines  that  require  constant  attention 
and  upkeep. 

Best  practices  would  dictate  standardiza¬ 
tion  as  the  logical  way  to  monitor  thou¬ 
sands  of  like  systems,  but  achieving  homo¬ 
geneity  among  client  devices  is  nearly 
impossible.  Desktops  —  and  other  client 
devices  such  as  laptops  and  PDAs  —  can 
vary  widely  across  a  large  company 
Diversity  among  machines  can  range  from 
the  applications  end  users  employ  to  vari¬ 
ous  versions  of  operating  systems  to  cus¬ 
tomized  interfaces  and  the  hardware  sitting 
on  the  desktop. 

“We  are  a  schizophrenic  organization.  On 
the  one  hand,  we  are  corporate  and  have 
standardized  machines  and  controls  in 
place,  and  on  the  other  hand,  we  are  like  a 
college  campus  with  unknown  devices  log¬ 
ging  on  to  our  network,”  says  Ethan  Fener, 
associate  director  of  IS  for  Partners  Health- 
Care  Systems  in  Wellesley  Mass.  “We  have 
about  27,000  machines  that  are  closely 
aligned  and  potentially  an  equal  number  of 
IP  addresses  for  machines  that  are  not  stan¬ 
dard.  There  is  no  way  to  achieve  100%  cer¬ 
tainty  and  visibility  into  each  machine.” 

But  users  are  trying  the  use  of  client-man¬ 
agement  systems  is  on  the  rise.  According 
to  a  2004  Forrester  Research  survey  of  137 
IT  managers,  92%  of  companies  use  client- 
management  tools  or  software,  while  69% 
of  small  and  midsize  businesses  (SMB) 
report  doing  so,  as  well.  In  response,  ven¬ 
dors  have  augmented  their  products  to  bet¬ 
ter  address  the  range  of  capabilities  needed 
to  tackle  client  systems. 

For  instance,  HP  acquired  Novadigm  to 
improve  its  client-management  tools  and 
recently  made  available  a  scaled-down  ver¬ 
sion  of  its  software  to  appeal  to  the  fast¬ 
growing  SMB  market,  which  Yankee  Group 
estimates  includes  about  6  million  compa¬ 
nies  with  two  to  1,000  employees.  Com¬ 
panies  such  as  Symantec  and  BigFix  have 
expanded  capabilities  in  their  software 
suites  beyond  security  and  patch  manage¬ 
ment,  respectively  to  include  more  systems- 
management  capabilities. 

And  Altiris,  LANDesk  and  Computer 
Associates  have  augmented  their  systems- 
management  portfolios  with  more  security- 
specific  offerings,  such  as  spyware  detec¬ 
tion.  Yet  Microsoft  leads  the  market  for 


client-systems  management  (see  graphic), 
possibly  because  the  company  included 
SMS  with  its  Back  Office  bundle,  and  SMS 
was  often  sold  as  part  of  corporate  license 
agreements,  Forrester  speculates. 

Adding  to  the  management  challenge, 
client  systems  demand  much  more  than 
availability  monitoring.  IT  managers  must 
track  end-user  systems  for  security  compli¬ 
ance,  software  license  and  inventory  pur¬ 
poses,  among  other  things.  In  fact,  the  com¬ 
ing  together  of  once-separate  IT  tasks  is 
probably  best  demonstrated  when  manag¬ 
ing  client  machines.  Consider  patch  man¬ 
agement,  which  couples  vulnerability  scans 
and  configuration  management  with  soft¬ 
ware  distribution  capabilities. 

“There  is  a  big  convergence  right  now  in 
terms  of  endpoint  management.  The  whole 
operational  discipline  is  becoming  critical 
for  security  says  Peter  Firstbrook,a  research 
director  at  Gartner.  “Standardization  would 
be  great,  but  it’s  not  likely,  so  IT  managers 
need  to  get  processes  and  procedures  in 
place  that  technology  can  ultimately  auto¬ 
mate  for  both  operations  and  security  man¬ 
agement  on  endpoints.” 


To  address  the  issues,  IT  managers  tend  to 
cobble  together  multiple  vendor  products 
with  time-consuming  manual  efforts.  Fener 
couples  Reflectent  EdgeSight  software  for 
monitoring  client  machines  with  Altiris 
tools  for  software  distribution. 

The  standard  machines  at  Partners 
Healthcare  Systems  are  built  so  that  patch 
management,  anti-vims  and  group  policies 
can  be  strictly  enforced.  Fener  says  owners 
of  “non-standard  machines  are  strongly 
encouraged  to  adopt  similarly  good  man¬ 
agement  practices,  in  which  anti-vims  pro¬ 
tection  and  patch  management  capabili¬ 
ties  are  made  available  yet  not  mandator^’ 

Despite  the  technology  in  place,  Fener 
still  has  to  manually  address  some  issues. 
He  explains,  for  instance,  that  if  he  achieves 
a  90%  success  rate  in  rolling  out  a  patch  to 
27,000  machines,  2,700  machines  remain 
that  must  be  addressed  one  by  one.“Scale  is 
a  different  issue  when  it  comes  to  manag¬ 
ing  desktops,”  he  says. 

Craig  Bush,  network  administrator  at 
Exactech,  an  orthopedic  and  medical 
device  provider  in  Gainesville,  Fla.,  uses 
Microsoft  Windows  Update  service  to  scan 


and  patch  nearly  225  end-user  machines, 
primarily  because  it’s  free.  He  also  has 
Symantec  anti-vims  in  place  and  Script- 
Logic’s  Desktop  Authority  software  to 
remote-control  into  client  machines.  And 
he  manually  performs  asset  inventory  In  a 
smaller  company,  he  faces  challenges  simi¬ 
lar  to  a  larger  one,  but  does  not  have  the 
resources  to  roll  out  a  large  systems-man¬ 
agement  tool  that  encompasses  systems 
and  security 

“It  would  be  nice  to  have  one  manage¬ 
ment  console.  We  centralize  management 
as  much  as  possible  now,  but  something 
like  SMS  is  too  large  a  product  to  imple¬ 
ment,  is  very  expensive  to  roll  out  and 
probably  very  complex  to  configure  and 
administer;  Bush  says.  “We’d  need  another 
full-time  person  to  manage  that.” 

Matt  Giblin,  senior  systems  analyst  at 
Mercy  Health  Services  in  Baltimore, 
approaches  client  management  differently 
He  decided  upon  one  vendor,  Altiris,  which 
he  says  he  believed  could  address  the  spec¬ 
trum  of  management  and  security  needs. 

“We  wanted  to  combine  our  client-man¬ 
agement  system  with  our  help  desk  without 
integrating  into  other  systems,"  he  says. 
Standardizing  with  one  management  ven¬ 
dor  helped  Giblin  manage  the  life  cycle  of 
the  devices,  from  provisioning  to  retire¬ 
ment.  “We  wanted  to  be  able  to  track  the 
cost,  performance  and  life  of  an  asset  once 
it  enters  our  environment  for  performance 
and  budgetary  purposes,”  he  says. 

Yet  he  still  finds  challenges  in  managing 
client  devices.  Among  them  is  keeping  up 
with  systems  and  software;  despite  his  best 
efforts  to  standardize  the  software  and  sys¬ 
tems  on  machines,  changes  happen. 

“The  pendulum  has  shifted  from  hard¬ 
ware  being  difficult  to  support.  Now  the 
operating  systems  and  applications  are 
complex,  and  it  has  to  get  easier  to  support 
multiple  operating  systems  and  applica¬ 
tions,”  Giblin  says.  “It’s  an  always-changing 
environment,  and  it’s  critical  just  to  keep  up 
with  the  changes.” 

Industry  watchers  say  such  complexity  is 
expected  to  grow  for  enterprise  companies. 

“The  current  approach  to  managing  the 
devices  will  fail  in  time  as  systems  get  more 
complex  and  diversity  increases,  such  as 
with  Linux  on  the  desktop,”  says  David 
Friedlander,  a  senior  analyst  with  Forrester. 
“It’s  already  a  challenge  to  standardize  and 
maintain  one  operating  system,  remove 
complexity  and  reduce  overhead  in  man¬ 
aging  end-user  devices.”® 
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Might  SBC  become  the  ‘new  AT&T? 

Branding  decision  remains  up  in  the  air  as  regulatory  process  plays  out. 


BY  DENISE  PAPPALARDO 

While  SBC  awaits  state  and  federal 
approval  of  its  $16  billion  acquisition  of 
AT&T,  the  company  also  appears  to  be 
mulling  its  branding  options. 

According  to  published  reports,  SBC  is 
considering  ditching  its  own  brand  —  SBC 
stands  for  Southwestern  Bell  Commun¬ 
ications  —  and  replacing  it  with  the  better 
known  AT&T  name.  SBC  says  no  official 
decision  has  been  made. 

However,  the  company  has  spoken  high¬ 
ly  of  the  value  of  the  AT&T  name. 

“We  value  the  heritage  and  strength  of 
the  AT&T  brand,  which  is  one  of  the  most 
widely  recognized  and  respected  names 
throughout  the  world,  and  it  will  certainly 
be  a  part  of  the  new  company’s  future," 
said  Edward  Whitacre,  SBC  chairman  and 
CEO  in  January. 

Experts  see  the  decision  going  either 
way 

“If  SBC  sees  local  as  its  primary  impor¬ 
tance, then  AT&T  may  be  a  brand  only 
for  its  enterprise  services,  but  the 
merged  company  would  still  be  SBC,” 
says  Lisa  Pierce,  an  analyst  at  Forrester 
Research. 

“If  SBC  envisions  itself  as  becoming  a 
truly  global  player,  there  should  be  no 
question  about  taking  on  the  AT&T  name,” 
she  says,“It  all  depends  on  what  they  envi- 


Short  Takes 


■  Network  management  vendor 
Nexagent  last  week  said  it  has 
joined  theTeleManagement  Forum,  an 
international  industry  organization 
providing  guidance  for  management 
and  operation  of  information  and 
communications  services.  Nexagent 
said  it  can  contribute  insight  into  the 
challenges  of  managing  multi-carrier 
environments.  The  5-year-old  compa¬ 
ny  develops  products  specifically  for 
this  task,  particularly  in  the  area  of 
MPLS  multi-carrier  interconnects. 
TheTeleManagement  Forum  has 
more  than  450  members  and  runs  the 
OSS/BSS  Conference  and 
Exposition. 


sion  themselves  as 
becoming.” 

Pierce  says  that  if  SBC 
truly  wants  to  embrace 
AT&T’s  global  presence, 
it  should  also  move  its 
headquarters  to  the 
New  York  metropolitan 
region.The  executive  tal¬ 
ent  should  be  in  New 
York  or  New  Jersey  not 
Texas,  she  says. 

“We  have  done  some 
consumer  perception 
surveys.  Up  to  10%  still 
think  they  get  their  local 
service  from  AT&T’  Pierce  says.  “AT&T  is  a 
much  stronger  brand  domestically  and 
internationally’ 

In  the  mid-1980s  when  AT&T  divested  its 


Several  folks  have  written  to  comment  on 
the  250%  increase  in  overhead  I  attributed 
to  IPv6  in  my  previous  column  on  the  topic. 
They’re  right.The  number  is  overstated,  for  a 
rather  embarrassing  reason  (got  my  bits 
and  bytes  confused — spent  too  long  away 
from  a  protocol  analyzer). 

But  while  my  initial  figure  was  clearly 
incorrect,  determining  the  actual  figure  was 
more  challenging  than  either  my  readers  or 
I  had  anticipated.  More  than  half  who  sent 
in  the  “right”  figure  subsequently  revised 
their  calculations  (including  reader  Mel 
Beckman’s  letter  to  the  editor  on  page  48). 

With  the  gracious  help  of  David  Newman, 
a  Network  World  Test  Alliance  partner,  here 
are  the  corrected  figures  and  how  we 
arrived  at  them: 

First,  Newman  advocates  using  as  a  base¬ 
line  a  40-byte  TCP/IP  acknowledgment 
(ACK)  packet,  rather  than  a  64-byte  packet, 
given  that  TCP  ACKs  are  among  the  most 
common  packets  on  the  'Net.  ACKs  have  a 
TCP  header  but  no  payload,  so  the  break¬ 
down  is  as  follows: 


local  properties  under 
court  order,  the  compa¬ 
ny  put  much  effort  into 
building  its  brand.  It  was 
forced  to  stop  using  the 
“Bell”  name,  which  was 
synonymous  with  tele¬ 
phone  service.  For  nearly 
25  years  AT&T  has  built 
and  maintained  its 
brand.  Some  believe  it 
would  be  silly  for  SBC  to 
throw  that  away. 

“SBC  has  no  interna¬ 
tional  presence,”  says 
Brian  Washburn,  analyst 
at  Current  Analysis.  “If  SBC  replaced  the 
AT&T  brand  internationally  with  the  SBC 
name,  it  would  be  starting  from  square 
one.” 


•  Under  IPV4,  the  total  IP  header  without 
options  runs  to  20  bytes.  The  TCP  header 
takes  up  an  additional  20  bytes,  for  a  total 
packet  length  of  40  bytes. 

•  Under  IPv6,  the  total  IP  header  without 
options  is  40  bytes.  The  TCP  header  takes 
another  20  bytes  (same  as  for  v4) ,  for  a  total 
packet  length  of  60  bytes. 

The  upshot?  A  100%  increase  in  IP  header 
overhead  (from  20  to  40  bytes),  and  a  50% 
increase  in  total  packet  length.  As  noted, 
that’s  not  the  250%  increase  for  a  64-byte 
packet  I  initially  cited,  but  it’s  still  plenty 

It’s  also  reasonable  to  ask  how  many 
packets  on  the  Internet  are  small  enough 
for  the  overhead  to  matter.  The  answer,  as 
indicated  by  the  data,  is  “most  of  them.” 
Various  analyses  demonstrate  that  between 
20%  and  25%  of  packets  are  40  bytes,  with 
roughly  50%  of  all  packets  at  220  bytes  or 
less.  (See  www.networkworld.com,  Doc- 
Finden  8925,  and  check  out  data  obtained 
by  the  Cooperative  Association  for  Internet 
Data  Analysis  at  www.caida.org.)  Therefore, 
the  overhead  increase  generated  by  IPv6 
on  small  packets  is  neither  negligible  nor  a 
red  herring. 


“The  AT&T  name  is  a  great  brand,” 
Washburn  says. SBC  has  two  choices.lt  will 
either  completely  change  everything  to 
the  AT&T  brand  or  use  it  only  for  specific 
offerings  under  the  SBC  umbrella,  he  says. 

Washburn  also  questioned  how  or  if  SBC 
will  be  able  to  leverage  the  AT&T  brand 
with  wireless  business  users.  SBC  owns 
60%  of  Cingular  Wireless.  Bell  South  owns 
the  remaining  40%.  It  seems  unlikely  that 
Bell  South  would  allow  SBC  to  change  the 
name  of  the  wireless  service  provider  to 
AT&T  Wireless,  he  says. 

But  Washburn  says  SBC  might  be  able  to 
sell  Cingular  services  to  AT&T  business 
customers  as  AT&T  Wireless-branded  ser¬ 
vices,  similar  to  a  mobile  virtual  network 
operator  arrangement.  SBC  has  not  made 
any  public  statements  about  its  branding 
plans  regarding  Cingular.  ■ 


In  addition,  the  exact  timing  of  IP  address 
exhaustion  has  proven  fluid.  The  best  cur¬ 
rent  projections  range  between  2013  and 
2030  (for  a  good  baseline  analysis,  check 
out  DocFinder:  8926).  But  the  projected 
exhaustion  point  tends  to  keep  receding 
into  the  future  (early  projections  were  that 
addresses  would  run  out  in  the  late  1990s), 
largely  because  of  the  widespread  deploy¬ 
ment  of  network  address  translation  (NAT). 

And  NAT’s  not  going  anywhere.  While 
packet  purists  despise  NAT,  because  it 
breaks  the  end-to-end-ness  of  the  Internet, 
most  companies  deploy  NAT  by  choice  — 
preferring  not  to  provide  internal  address¬ 
ing  information  to  the  public  Internet.That’s 
not  likely  to  change  with  the  deployment  of 
IPv6  —  Cisco  has  implemented  IPv6  NAT 
functionality  in  its  routers.  Don’t  look  for 
NAT  to  die  any  time  soon. 

The  bottom  line  stays  the  same:  Com¬ 
panies  shouldn’t  race  to  embrace  IPv6. 

Johnson  is  president  and  chief  research 
officer  at  Nemertes  Research,  an  indepen¬ 
dent  technology'  research  firm.  She  can  be 
reached  at  johna@nemertes.corn. 


What’s  left 

The  merger  between  SBC 
and  AT&T  still  needs 
approval  from: 

•  Arizona _ 

•  California _ 

•  New  York _ 

•  Ohio _ 

•  Pennsylvania _ 

•  FCC _ 

•  Department  of  Justice 


A  revised  look  at  IPv6 
still  provides  ample  doubt 


Turn  Control  Freaks  Into  Remote  Control  Freaks 


tKick  back.  Relax.  Make  yourself  comfy.  It’s  all  part  of  a  day’s  work  when  you’re  in  total  control  with 
our  DSView®  3  management  software*  Now  you  can  remotely  control  servers,  serial  devices  and 
power  devices  from  a  single  browser  interface.  Reboot  servers  down  the  hall  or  around  the  world.  With  virtual 
media,  you  can  even  remotely  load  software  without  setting  foot  in 
the  data  center.  Those  hours  spent  at  the  rack  are  over.  Visit  us  at 
www.avocent.com/stayincontrol.  And  start  looking  for  a  new  chair. 

*  Recliner  recommended,  but  not  included. 


Avocent, 

The  Power  of  Being  There® 


©  2005  Avocent.  Corporation.  Avocent,  the  Avocent  logo,  DSView  and  The  Power  of  Being  There  are  registered  trademarks  of  Avocent  Corporation. 


9,19.05  •  www.netwopkworld.coin  •  45 


TECHHDUCY  UPDATE 

■  AN  INSIDE  LOOK  AT  TECHNOLOGIES  AND  STANDARDS 


Security  technology  targets  the  LAN 


HOW  IT  WORKS:  User-based  UN  access 

This  technology,  otherwise  known  as  endpoint  control,  inspects  traffic  for 
security  policy  compliance  and  malware. 


H  Fred  authenticates  at  the  ULA  appliance,  and  existing  RADIUS  op  Lightweight  Directory  Access  Protocol 
(LDAP)  servers  determine  group  membership. _ 

13  System  matches  groups  with  policies,  applies  policies  to  ports  and  allows  access  to  appropriate  network 
resources. _ 

a  As  Joe's  worm-infected  PC  connects,  the  ULA  system  identifies  malware  and  applies  quarantine  policies, 
Joe  is  allowed  to  access  only  the  remediation  server. 

Q  ULA  system  notifies  network  administrator  and  initiates  worm  remediation  and  operating  system  patch 
download  to  Joe's  PC.  fhe  system  verifies  that  Joe's  PC  is  in  compliance  with  security  policies. 


BY  JOSEPH  TARDO 

Access-control  lists,  originally  designed 
for  routers  to  deny  or  admit  packets 
entering  a  network  from  a  WAN,  have 
drawbacks  in  controlling  a  diverse  group 
of  users  accessing  LANs.  ACLs  have  no 
knowledge  of  traffic-flow  semantics  or 
content,  can’t  adjust  access  rights  for  indi¬ 
vidual  users,  and  suffer  scalability  and 
performance  limitations. 

User-based  LAN  access  control  (ULA)  is 
a  new  technology  that  redefines  network 
admission  and  access.  Made  possible  by 
a  new  breed  of  high-performance  ASICs, 
emerging  ULA-capable  LAN  security  sys¬ 
tems  sit  in  a  network  at  the  user-access 
layer  or  at  an  aggregation  layer,  and 
inspect  every  packet  on  every  port  for 
security  policy  compliance  and  malware. 

The  technology  lets  an  administrator 
identify  who  is  using  a  network,  where 
and  how  he  logged  on,  what  resources  he 
can  access,  and  whether  the  LAN  is  still 
secure  and  malware-free  once  the  user  is 
admitted.lt  also  provides  automatic  quar¬ 
antine  mechanisms  to  isolate  problem 
users  immediately,  and  to  dynamically 
change  from  normal  to  quarantine  policy 
when  malware  is  detected.  In  effect,  it 
works  to  create  a  personal  DMZ  for  every 
user  on  every  port. 

User-based  LAN  access  control  operates 
transparently  to  end  users,  while  provid¬ 
ing  powerful  security  safeguards  for  net¬ 
work  or  security  administrators.  ULA- 
capable  systems  are  flexible  enough  to 
offer  several  mechanisms  for  authentica¬ 
tion,  and  smart  enough  to  understand  the 
concepts  of  user  identity  and  security 


policies  associated  with  each  user.  For 
example,  when  a  user  plugs  his  laptop  in 
to  a  network,  he  authenticates  via  802. IX, 
or  a  captive  portal  Web  logon  page,  and 
the  system  immediately  applies  that 
user’s  security  policies  to  all  applications 
and  network  services  he  accesses. 

This  security  technology  also  integrates 
with  existing  authentication  databases  to 
identify  user-group  memberships.  A  sys¬ 
tem  matches  group  memberships  from 
an  existing  RADIUS  or  Lightweight  Di¬ 


rectory  Access  Protocol  database  to 
security  policies  that  will  be  applied  on  a 
LAN  access  port.  This  group-based 
approach  guarantees  scalability  across  a 
corporation, because  policies  are  defined 
one  time  and  all  group  members  auto¬ 
matically  inherit  the  policies  at  logon. 
When  a  user  is  transient  (say,  a  contractor 
working  on  the  latest  SAP  upgrade),  poli¬ 
cies  travel  with  him  wherever  he  con¬ 
nects  to  the  network. 

When  malware,  such  as  worms,  or  other 


inappropriate  behavior  is  identified,  the 
ULA  system  automatically  applies  quar¬ 
antine  policies  to  that  user  only.  Before 
the  availability  of  user-based  LAN  access 
control  in  LANs,  the  only  way  to  protect 
against  malware  was  to  assign  users  to  a 
quarantined  virtual  LAN.  This  is  akin  to 
throwing  influenza  sufferers  in  with 
malaria  patients.  With  user-based  LAN 
access  control,  a  device  completely  iso¬ 
lates  infected  users  with  fully  stateful  fire¬ 
wall  policies,  while  allowing  access,  for 
example,  only  to  remediation  servers. 

Simultaneously,  the  device  alerts  the 
network  administrator  about  the  inci¬ 
dent.  Event  details  include  who  is  respon¬ 
sible,  what  they  did,  where  they  are  locat¬ 
ed  and  what’s  been  done  about  it. 
Compare  this  with  today’s  practice  of 
combing  through  router  and  switch  logs, 
or  Address  Resolution  Protocol  tables, 
looking  for  which  media  access  control 
address  caused  the  problem  and  to 
which  port  they  are  connected. 

Finally,  ULA  systems  offer  robust  securi¬ 
ty  audit  benefits.  When  a  network  under¬ 
stands  user  identity  and  what  resources 
people  have  access  to,  and  it  has  the 
capacity  to  log  this  network  activity,  com¬ 
pliance  audits  become  much  simpler. 

User-based  LAN  access  control  enables 
companies  to  implement  simple,  identity- 
based  security  policy  provisioning,  rapid 
security  incident  resolution  and  com¬ 
plete  compliance  audit  trails. 

Tardo  is  principal  security  architect  for 
Nevis  Networks.  He  can  be  reached  at 
joseph.  tardodsnevisnetworks.  com. 


Ask  Dn  Internet  By  Steve  Blass 


We  want  to  use  the  Eclipse  Rich  Client 
Platform  for  a  desktop  application.  What 
options  are  available  for  user  interface 
development?  The  Sun  Netbeans  environment 
provides  a  GUI  builder  that  seems  to  be  miss¬ 
ing  in  Eclipse.  How  does  one  develop  an 
Eclipse  user  interface  without  entering  wid¬ 
get  code  by  hand? 

At  least  three  tool  sets  are  available  for  developing 
Eclipse  desktop  user  interfaces  at  a  higher  level  than 


hand  writing  Simple  Widget  Toolkit  (SWT)  code.  The 
Eclipse  Visual  Editor  Project  provides  a  framework  for 
developing  GUI  builders  that  support  both  SWT/RPC 
code  and  Swing/Java  Foundation  Classes  code.  The 
Visual  Editor  for  Eclipse  is  available  for  download  from 
www.eclipse.org/vep/. 

Two  other  open  source  projects  available  on 
SourceForge,  XSWT  and  EclipseXUL,  provide  for  the 
development  and  construction  of  Eclipse  user  inter¬ 
faces  through  the  use  of  particularly  formatted  XML 
files.  XSWT  describes  SWT  layouts  in  a  way  that  pro¬ 


vides  a  one-to-one  mapping  between  XSWT  elements 
and  SWT  Java  code. 

The  XSWT  plug-in  is  available  for  download  from 
http://xswt.sourceforge.net.  EclipseXUL,  an  Eclipse  fea¬ 
ture  under  development  adds  XML  User  Interface 
Language  support  to  Eclipse  and  is  based  on  the 
Eclipse  Web  Tools  Project  (see  www.networkworld.com, 
DocFinder:  8929). 

Blass,  a  network  architect  at  Change@Work  in  Houston, 
can  be  reached  at  dr.internet@changeatwork.com. 
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Portable  drives  for  massive  files 


6EARHEAD 

INSIDE  THE 
NETWORK 
MACHINE 


Mark  Gibbs 


It  has  been  an  exciting  weekend,  as 
our  son  had  his  first  club  football 
game,  a  convincing  win  for  his  team 
(30  to  8)  against  opponents  who 
punched,  pinched  and  played  dirty 
We  took  a  lot  of  photographs  ...more 
than  400,  to  be  precise. 

Now, how  to  get  the  good  ones  over 
to  the  team  mom?  The  problem  is 
she  uses  Adelphia  cable,  which  has  a 
lOM-byte  message  size  limit,  and  we 
have  about  1G  byte  of  photos  to 
send.This  is  a  good  chance  to  try  out 
some  new  portable  storage  devices  we’ve  been  meaning  to 
take  a  look  at. 

First,  we  have  the  ENC-302U  PC  Drive  Kit  from  Azio.This  kit 
allows  you  to  build  an  external  3.5-inch  drive  with  a  USB 
2.0  interface  that  will  automatically  be  recognized  by 
Windows  XPWin  2000  and  Mac  OS  X.  Azio  provides  drivers 
for  Win  98  and  Win  SE. 

The  kit  consists  of  an  attractively  designed,  stackable  en¬ 
closure  (8.25  by  5  by  1.5  inches)  containing  electronics, 
connectors  and  a  power  supply  into  which  you  install  your 
own  UDMA  33/66-  or  ATA-lOO/133-compliant  drive.  One 
hopes  a  future  version  will  support  Serial  ATA  drives. 

If  you  can  use  a  screwdriver,  you  can  install  a  drive  into 
the  PC  Drive  Kit. The  accompanying  instructions  aren’t  too 
clever,  but  if  you  have  a  clue  about  what  you’re  doing,  they 


will  be  enough. 

But  we  have  two  complaints:  First,  the  data  cables  are  a  lit¬ 
tle  too  crowded  between  the  drive  and  the  electronics, 
which  makes  locating  the  drive  a  “grind  to  fit”  exercise. 
Second,  because  the  cables  are  squashed,  you  will  be 
inclined,  quite  sensibly  to  relieve  them  by  placing  the  drive 
as  far  away  from  the  electronics  as  possible. You  will  then 
secure  the  drive  with  screws. 

We  took  a  lot  of  photographs  . . . 
more  than  400,  to  be  precise. 

Unfortunately  at  this  location,  the  drive  will  interfere  with 
the  top  of  the  enclosure,  so  you  will  have  to  undo  the 
screws  and  push  the  drive  back  toward  the  electronics, 
thereby  squashing  the  cables  to  get  enough  clearance.  A 
simple  plastic  lug  to  limit  the  position  of  the  drive  and  a 
better  cable  path  would  have  solved  this. 

Is  the  Azio  ENC-302U  Kit  worth  it?  Well,  if  you  were  to  buy 
a  complete  external  80G-byte  drive  with  a  USB  2.0  inter¬ 
face, you  would  expect  to  spend  about  $100.  Using  the  Azio 
PC  Drive  Kit,  which  costs  $44,  and  buying  an  80G-byte  drive 
works  out  to  roughly  the  same  price  —  but  if  you  happen 
to  have  an  old  drive  lying  around,  then  the  kit  becomes  a 
really  good  value.  We  used  an  old  80G-byte  Maxtor  drive 
and  it  worked  fine. 

Our  second  storage  device  is  the  Dragon  Drive  2.5  from 


US  Modular  (www.networkworld.com,  DocFinden  8928). 
The  Dragon  Drive  comes  complete  with  a  drive  installed 
(available  capacities  are  20G,  40G,  60G,  80G  and  100G 
bytes)  and  ready  to  rumble. 

The  Dragon  Drives  use  2.5-inch  drives,  so  the  enclo¬ 
sures  are  smaller  (6.35  by  3.57  by  0.67  inches)  than  the 
Azio  enclosures, provide  USB  2.0  and  Firewire  interfaces, 
and  can  be  powered  by  an  included  5-volt  adapter  (aka 
a  wall  wart)  or  by  the  port  they  connect  to.  The  drives 
also  come  with  a  neat  carrying  wallet  that  stores  the 
bundled  adapter  cable  and  the  disk  with  Win  98  and  Win 
SE  drivers. 

The  USB  2.0  interface  is  specified  as  running  at  480M 
bit/sec,  and  Firewire  is  rated  at  400M  bit/sec,  so  you  might 
think  that  external  drives  with  USB  2.0  interfaces  would  be 
the  better  choice.  Real-world  testing  shows  Firewire  is  16% 
to  48%  faster  on  writes  and  33%  to  70%  faster  on  reads.  It 
will  come  as  no  surprise  that  the  Dragon  Drive  is  a  faster 
storage  solution  than  the  USB  2.0  Azio  drive. 

Best  of  all,  the  higher  speed  and  smaller  form  factor  come 
without  higher  cost: The  80G-byte  Dragon  Drive  is  available 
for  about  $100. 

We  like  this  product  a  lot,  so  we’ll  be  off  to  load  up  the 
team  mom’s  machine  with  the  Dragon  Drive. 

Send  your  team  shots  to  gearhead@gibbs.com.  As 
always,  check  Gearblog  ( www.networkworld.com/ 
weblogs/ gearblog). 


Skullcandy's  MacGyver 
watch  includes  an  MP3  play 
er  and  voice  recorder. 


The  scoop:  MacGyver  MP3  Watch,  from  Skullcandy 
from  $170  (256M  bytes)  to  $300  (1G  byte) 

What  it  is:  A  watch  that  includes  a  flash 
memory  drive  with  either  256M.512M  or  1G  bytes  of  stor¬ 
age  to  let  users  store  MP3  or  Windows  Media  Audio 
(WMA)  files.  The  watch  comes  in  white  (which  we  tried) 
or  black  and  the  device’s  USB  cable  is  embedded  within 
the  watch’s  strap.  When  connected  to  a  USB  port  on  a  PC, 
the  device  can  act  as  a  storage  drive  for  other  files,  not  just 
MP3  or  WMA  (security  alert!).  In  addition  to  an  MP3  play¬ 
er,  the  watch  includes  a  five-mode  audio  equalizer,  3-D 
stereo  sound  and  music  shuffle  feature.  The  watch 
includes  a  voice  recorder,  so  users  can  walk  into  their 
boss’  office  and  record  conversations  at  the  push  of  a  button. 

Why  it’s  cool:  With  a  name  like  the  MacGyver  MP3  Watch,  one  thinks  of  the  TV 
show,  and  it  does  have  a  spylike  feel.  Being  able  to  listen  to  music  files  on  a  wrist- 
watch  might  also  appeal  to  runners,  who  won’t  have  to  worry  about  carrying  an  MP3 
player  on  an  armband  or  carry  it  while  they  run. 

Some  caveats:  Listening  to  music  is  less  flexible  than  with  some  other  audio  play¬ 
ers  —  while  the  watch  includes  a  shuffle  function,  finding  a  specific  song  is  deter¬ 
mined  by  just  pushing  the  next-song  button  instead  of  any  kind  of  search  interface. 
We  also  inadvertently  skipped  to  the  next  song  or  hit  the  replay  button  several  times 
just  through  the  course  of  moving  around  —  the  buttons  seemed  very  sensitive. 

Grade:  ★★★y  (out  of  five). 

The  scoop:  SleepTracker  watch,  by  Innovative  Sleep  Solutions,  about  $150 

What  it  is:  A  wristwatch  for  mobile  travelers,  the  SleepTracker  looks  like  a  sports 
watch  or  heart  monitor,  but  includes  technology  that  monitors  your  sleep  pat¬ 


terns.  Innovative  Sleep  Solutions  suggests  that  an  alarm 
clock  that  wakes  people  at  specific  times  can  possibly 
prevent  them  from  waking  up  fully  refreshed. With  the 
knowledge  that  people  go  through  different  phases  of 
sleep,  the  SleepTracker  watch  aims  to  wake  the  wear¬ 
er  when  he  is  in  the  best  possible  waking  time  (usu¬ 
ally  a  non-deep  sleep  phase).  A  user  sets  a“wake  win¬ 
dow”  of  10,20  or  30  minutes  before  the  time  that  they 
have  to  wake  up.  If  the  optimal  wake-up  time  is  not 
reached,  the  watch  will  still  act  as  a  regular  alarm  clock 
and  wake  up  the  person  at  the  time  he  sets.  If  the  phase  is 
reached,  the  user  wakes  up  earlier,  but  more  refreshed. 

Why  it’s  cool:  The  idea  of  a  watch  and  alarm  clock  that  wakes  you  up  to 
feel  more  refreshed  is  appealing,  especially  to  road  warriors  who  switch  time 
zones  frequently  and  want  to  make  sure  they  are  ready  to  go  for  early  morn¬ 
ing  meetings. 

Some  caveats:  Unfortunately,  during  several  nights  of  trying  the  watch,  I 
became  more  stressed  out  and  exhausted  than  with  a  regular 
alarm  clock  or  hotel  wake-up  call.  During  the  first  night,  I  woke 
up  much  earlier  than  even  the  alarm  window  was  set  for,  so  I 
never  got  a  sense  of  when  it  would  wake  me  up.  During 
successive  nights,  I  thought  so  much  about  the  watch  and 
when  it  would  wake  me  up,  I  had  odd  dreams  and  fre¬ 
quently  awoke  during  the  night.  In  these  cases,  the  watch 
never  woke  me  up  during  the  optima!  time;  it  just  waited 
until  the  alarm  clock  set  time,  when  1  was  awake  anyway 
It’s  possible  that  this  watch  will  benefit  travelers  who  have 
odder  sleep  patterns  than  1  do,  but  for  me  it  never  quite  deliv¬ 
ered  on  the  promise  of  making  me  feel  more  refreshed. 

Grade: 


Shaw  can  be  reached  at  kshaw@nww.com. 
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IT  metrics  for 
the  budget  season 

As  summer  ends  and  we  enter  the  budget  season,  we 
thought  it  would  be  good  to  share  some  IT  metrics 
culled  from  various  sources  over  the  years  so  you  can 
see  where  you  stand. 

•  IT  spending  as  percent  of  revenue  was  a  more  significant 
metric  when  IT  was  more  of  a  backroom  operation,  but  it  is 
still  a  core  measure.The  rule  of  thumb  is  4%  to  8%,  but  of 
course  it  also  depends  on  your  vertical  market.  In  retail,  for 
example,  the  goal  is  down  close  to  1%. 

•  IT  spending  as  percentage  of  corporate  capital  spending 
averages  50%. 

•  By  some  accounts,  80%  of  IS  dollars  goes  to  operations 
today  and  only  20%  goes  to  capital  expenditures,  whereas 
20  years  ago  it  was  more  like  50%/50%. 

•  Average  system  utilization  is  20%,  a  leading  driver  for  grid 
and  virtualization  technologies. 

•  Core  network  infrastructure  can  be  expected  to  last 
about  seven  years. 

•  Upfront  system  costs  are  the  tip  of  the  iceberg.  Actual 
implementation  can  cost  two  to  three  times  that,  and  in 
terms  of  managing  the  system  over  time,  the  initial  cost  may 
be  as  little  as  one-seventh  to  one  tenth  of  the  total  ownership 
costs. 

•  By  some  estimates,  40%  of  the  cost  of  deploying  new 
applications  is  integrating  them  with  legacy  programs  —  one 
of  the  drivers  for  Web  services. 

•  Cost  per  hour  of  downtime  varies  greatly  by  industry 
ranging  from  $90,000  per  hour  in  airline  reservation  and  cat¬ 
alog  sales  environments  to  $6.5  million  per  hour  in  financial 
services.  Knowing  how  much  downtime  costs  your  company 
can  help  justify  investments  in  everything  from  quality  infra¬ 
structure  to  disaster  recovery  capabilities.  Regarding  the  lat¬ 
ter,  Gartner  estimates  that  two  out  of  five  corporations  that 
experience  a  disaster  go  out  of  business  within  five  years. 

•  Even  with  consolidation  trends,  data-center  device 
growth  is  30%  to  35%  pear  year,  fed  in  part  by  the  move  to  a 
smaller  footprint  and  simpler  machines  such  as  blade 
servers. 

•  The  trick  is  adding  new  data-center  gear  while  scaling 
down  complexity  Because  of  that  complexity,  eight  out  of  10 
failures  result  from  human  error. 

•  Ten  years  ago  the  help  desk  supported  an  average  of  25 
applications,  while  today  it  supports  200.  With  help  desk  calls 
costing  $50  to  $60  each,  companies  are  striving  to  reduce 
application  count  and  moving  toward  self-service. 

•  By  some  estimates,  each  user  generates  800M  bytes  to  1G 
byte  of  data  per  year,  and  data  growth  companywide  aver¬ 
ages  25%  to  35%  per  year. 

Of  course,  these  are  all  estimates,  and  your  mileage  will 
vaiy.  Let  us  know  what  metrics  you  track. 

—  John  Dix 
Editor  in  chief 
jdix@nww.com 


IPv6:  Right  on  time 

Johna  Till  Johnson’s  column,  “IPv6:  Time’s  still  not 
right”  (www.networkworld.com,  DocFinder:  8922) 
is  full  of  misinformation.  First  she  claims  that  IPv6 
requires  250%  more  bandwidth  than  IPv4  for  64- 
byte  messages.  But  if  you  do  the  math,  you’ll  see 
that  an  IPv6  packet’s  20  additional  bytes  amounts 
to  only  a  24%  larger  packet  with  a  64-byte  payload 
(104  vs.84  bytes). She  admits  that  little  traffic  on  the 
Internet  consists  of  such  small  packets,  so  this  argu¬ 
ment  is  a  red  herring.  When  you  look  at  the  actual 
packet  size  distribution  on  the  Internet,  IPv6’s  over¬ 
head  is  negligible. 

Then  Johnson  claims  that  IPv6’s  only  other  advan¬ 
tage  is  a  larger  address  space,  and  even  dismisses 
that,  claiming  that  we  don’t  need  more  addresses 
because  network  address  translation  (NAT)  solved 
that  problem.  But  NAT  is  nothing  more  than  an  ugly 
hack,  and  an  expensive  one  at  that.  I  can’t  count  the 
number  of  hours  I’ve  wasted  debugging  problems 
eventually  traced  to  NAT  compatibility  issues.  IPv6 
completely  eliminates  NAT.  And  dynamic  IP  address 
assignment. And  packet  fragmentation.And  network 
renumbering.  The  value  of  IPv6  is  not  its  directly 
addressable  endpoints,  it’s  that  NAT  isn’t  munging 
IPv6  packets  from  one  endpoint  to  the  other. 

The  death  of  NAT  also  vastly  simplifies  router  and 
firewall  configuration.  NAT  misconfiguration  is  a 
leading  cause  of  configuration  errors  and  inadver¬ 
tent  security  holes  in  these  devices.  Johnson 
believes  IPv6  security  is  no  better  than  IPv4’s.  But 
IPv6  provides  end-to-end  encryption  and  address 
authentication,  where  IPv4  is  at  best  end-to-gateway 
encryption  with  no  authentication.  And  IPv6’s  hier¬ 
archical  address  allocation  scheme  makes  it  impos¬ 
sible  to  spoof  IP  addresses,  eliminating  a  host  of 
denial-of-service  attacks. 

Johnson’s  claim  of  IPv6  routing  troubles  is 


overblown,  as  well.  IPv6  was  designed  to  route  just 
fine  on  the  current  network  infrastructure,  bringing 
advantages  like  QoS  and  Internet-wide  multicast  to 
the  table  at  no  extra  charge. 

Mel  Beckman 
Ventura,  Calif. 

Winrot  and  what-not 

Regarding  Mark  Gibbs’  Gearhead  column,  “Days  of 
Winrot  and  OS  what-not”  (DocFinder:  8923): Thanks 
for  bringing  attention  to  Winrot.  In  the  good  old  days 
of  Win98, 1  used  to  back  up  my  data  files,  then  boot 
up  from  a  floppy  I’d  simply  do  a  deltree  command 
on  the  Windows  &  Program  Files  directories,  throw 
in  the  Win98  CD,  install  Windows,  install  apps  and 
restore  data.  Since  the  rest  of  the  disk  was  left  intact, 
and  I  was  in  the  habit  then  of  not  installing  most  of 
my  apps  in  the  Program  Files  directory  when  I  rein¬ 
stalled  my  apps  to  the  existing  folders,  most  of  my 
settings  would  remain,  and  after  tweaking  Windows 
back  to  my  liking,  I  was  off  and  running. 

Today,  I  don’t  seem  to  need  to  reinstall  XP  as  often 
as  I  did  with  Win98  or  even  Win2K.  However,  when  1 
do,  it  kills  a  day.  1  have  to  back  up  my  data,  wipe  the 
drive  clean,  then  reinstall  everything.  The  other 
problem  with  data  backup  today  is  that  it’s  not  as 
simple  as  it  used  to  be.  And  what  about  all  the  users 
who  have  no  idea  how  to  do  this  and  just  live  with 
the  Winrot?  It’s  no  wonder  they  just  trash  the  whole 
computer  and  buy  a  new  one  when  it  becomes 
unbearable. 

Ron  Stockwell 
Sales  representative 
Data  Futures 
Overland  Park,  Kan. 

E-mail  letters  to  jdix@nww.com  or  send  them  to  John  Dix,  editor  in 
chief,  Network  World,  1 18  Turnpike  Road,  Southborough,  MA  01 772. 
Please  include  phone  number  and  address  for  verification. 


f  tflA  Readers  respond 

Rnd  out  what  readers  are  saying  about  these  and  other  topics.  DocFinder:  1030 
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VORTEX  2005 

Geoffrey  Moore 


Dealing  with  Darwin:  Shape  of  our  systems 


Maintaining  competitive  differentiation  is 
the  key  to  creating  attractive  investor 
returns.  But  in  a  global  economy  when 
you’re  spotting  an  offshore  competitor  a  huge 
wage  advantage,  how  do  you  maintain  high  mar¬ 
gins?  There  are  a  variety  of  ways  to  co-opt  the 
global  economy  and  make  it  work  for  you.  The 
key  is  to  have  increasingly  precise  long-distance 
information  and  communication  systems.  What 
shape  are  your  systems  in  today? 

Most  corporations  deploy  their  IT  systems  atop 
an  Internet-enabled  client-server  enterprise 
architecture  anchored  by  a  relatively  monolithic 
ERP  system, around  which  are  clustered  applica¬ 
tions  for  customer  relationship,  produce  life- 
cycle  and  supply  chain  partner  management. 
Add  in  your  homegrown  applications  and  bolt 
the  whole  thing  to  a  legacy  mainframe  system, 
and  your  flexibility  quotient  declines  to  zero. 

More  than  anything,  you  need  flexibility  to 
compete  in  the  global  economy.  We’re  all  mak¬ 
ing  this  global  stuff  up  as  we  go  along,  so  we 
have  to  be  able  to  experiment,  attach,  detach 
and  reattach  along  the  way  This  implies  a  kind 
of  modularity  not  present  in  most  corporate  IT 
systems  today. 


The  vision  for  this  modularity  is  in  place,  how¬ 
ever.  It  has  many  names,  and  service-oriented 
architecture  might  be  the  most  common. 
Virtually  all  of  your  vendors  have  spent  the  past 
five  years  reshaping  their  products  to  this  new 
standard,  but  you  have  not.  Until  you  do,  you  are 
going  to  be  living  in  maintenance  hell,  paying  a 
huge  complexity  tax  every  day  in  terms  of  the 
payroll  you  devote  to  keeping  your  client-server 

Until  you  reshape  your 
products,  you  will  be  living 
in  maintenance  hell. 

legacy  patched  together,  and  shuddering  every 
time  some  manager  suggests  adding  a  new 
application  for  competitive  advantage. 

It  is  time  to  bite  this  bullet.  Every  major  systems 
vendor  has  a  plan.  SAP  Cisco,  IBM,  EMC, 
Microsoft, HPSun  —  all  are  promoting  a  platform 
vision  in  which  they  can  help  you  transition  to 
the  new  architecture.  The  problem  is,  there  is  no 
short-term  ROl  for  implementing  any  of  them, so 
you  don’t  know  how  to  justify  the  cost  of  the 
effort  to  your  colleagues.  But  there  is  certainly  a 


negative  ROI  for  not  adapting.  We  call  it  “dealing 
with  Darwin.”When  the  forces  of  natural  selection 
are  knocking  at  the  door, “We’ll  get  back  to  you” 
doesn’t  cut  it.  Failure  to  act  now  commits  your 
company  to  an  increasingly  marginalized  future. 

At  Vortex  2005,  to  be  held  Oct.  24-26  in  San 
Francisco,  we’ll  discuss  a  framework  for  navigat¬ 
ing  these  treacherous  waters.  It  is  called 
core/context  analysis,  and  it  prioritizes  commit¬ 
ments  based  on  two  dimensions  —  contribution 
to  strategic  differentiation  and  management  of 
mission-critical  risk.  The  problem  with  our  lega¬ 
cy  architectures  is  that  they  no  longer  support 
differentiation,  although  they  do  contain  mis¬ 
sion-critical  risk.  The  new  architectures,  on  the 
other  hand,  support  strategic  differentiation,  but 
are  unproven  in  mission-critical  deployments 
and  any  transition  to  them  also  must  cope  with 
the  risk  of  migration.  How  do  you  do  that?  That’s 
the  question  that  300  CIOs  and  vendor  execu¬ 
tives  plan  to  tackle  at  Vortex.  To  register,  go  to 
www.networkworld.com,  DocFinder:  8921. 

Moore,  a  consultant  and  author,  is  co-executive 
producer  of  Vortex  2005.  He  can  he  reached  at 
gmoore@tcg-advisors.  com. 


REALITY  CHECK 
Thomas  Nolle 


Can  networking  make  a  financial  comeback? 


It’s  hard  to  remember  the  heady  days  of  the 
1990s,  when  network  stocks  were  flying 
high,  IPOs  showed  enormous  gains  in  their 
very  first  hours  and  the  financial  future  of  net¬ 
working  seemed  rosy.  Networking  is  sure  not 
looking  like  a  high-flyer  anymore.  Will  it  come 
back? 

Technology  in  general  has  been  recovering 
from  near-historical  lows.  During  the  worst  of 
the  post-bubble  collapse  (2003),  IT  spending  as 
a  percentage  of  the  gross  domestic  product  hit 
the  lowest  point  since  the  post-World  War  II 
period.  In  the  history  of  the  Information  Age, 
there  has  never  been  a  period  when  spending 
stayed  this  low  for  more  than  a  couple  of  years. 
That  alone  would  seem  to  give  hope  for 
increased  IT  spending  and  maybe  a  couple  of 
extra  bucks  for  network  equipment. 

Then  there’s  the  whole  service-oriented 
architecture  (SOA)  thing.  BusinessWeek  has 
heralded  SOA  as  the  most  significant  software 
trend  in  a  decade. The  idea  of  SOA  is  to  create 
flexible  application  relationships  that  let  users 
build  applications  similar  to  the  way  that  Web 
pages  are  built  today.  This  means  assembling 
pieces  hosted  on  servers  that  might  be  in  the 
data  center,  a  partner’s  server  farm  or  even  a 
service  provider’s  grid  computing  center.  It’s 
hard  to  see  how  all  this  assembling  could  be 
done  without  generating  network  traffic,  but 
you  don’t  hear  much  about  the  impact  of  SOA 
on  networks. 

One  problem  is  that  SOA  might  actually  be 
undermining  networking’s  mind  share  with 
senior  management.  SOA  is  an  application  rev¬ 


olution,  not  a  network  revolution.  It’s  true  that 
SOA  might  change  the  way  that  we  do  network¬ 
ing,  and  it  will  certainly  change  the  demands 
placed  on  networks,  but  right  now  the  focus  of 
management  is  on  the  application  and  soft¬ 
ware.  Companies  that  provide  applications, 
such  as  IBM  or  SAP  are  getting  appointments 
with  enterprise  CIOs;  network  vendors  are  hav¬ 
ing  a  harder  time.  Cisco’s  John  Chambers  talked 
about  the  need  for  a  higher  level  of  engage¬ 
ment  last  December;  the  question  is  whether 
anything  can  be  done  about  it. 

A  second  problem  is  commoditization  of  net¬ 
work  equipment.  There  are  just  so  many  fea- 

Networking’s  answer  for 
better  performance  is  to 
be  more  involved  in  SOA. 

tures  that  can  be  added  to  a  LAN  switch  or 
router  before  a  buyer  simply  doesn’t  see  the 
point  anymore.  LAN  switching  suffered  a  price 
collapse  in  the  early  1990s  because  of  this  fea¬ 
ture  overload.  Players  such  as  the  3Com-Huawei 
joint  venture, capable  of  operating  at  lower  prof¬ 
it  margins  per  sale,  can  hurt  the  profits  of  the 
major  vendors  when  buyers  increasingly  want 
high  speed  and  low  cost.  It  doesn’t  help  that 
everyone’s  chasing  the  small  and  midsize  busi¬ 
ness  market,  either.  This  market  isn’t  as  likely  to 
value  features,  is  too  small  for  direct  sales  and  is 
significantly  more  price-sensitive. 

It  seems  likely  that  the  carrier  segment  will 
have  to  provide  the  strength  in  the  network 


market  at  least  for  the  next  couple  of  years. 
Consumer  broadband  and  wireless  growth  are 
promising  to  drive  up  spending,  and  the  steady 
upward  trends  in  carrier  capital  expenditures 
have  surprised  Wall  Street.  It  seems  likely  that 
content  networking,  such  as  IPTV,  will  be  a 
major  driver  of  spending,  but  will  that  spending 
be  focused  more  on  content  servers  and  soft¬ 
ware  than  equipment?  Is  IT  going  to  threaten 
network  equipment  everywhere? 

It  seems  clear  that  the  only  answer  to  net¬ 
working’s  prayers  for  better  performance  is  to 
become  more  involved  in  SOA  and  content 
trends.That  doesn’t  mean  providing  fat  pipes  at 
lower  unit  cost;  it  means  finding  network  fea¬ 
tures  that  are  specifically  linked  to  SOA  and 
content.  Some  vendors  have  made  strides  in 
this  direction  Alcatel  has  IPTV-specific  features 
in  its  DSL  products,  and  Cisco  has  announced 
Application  Oriented  Networking,  which  in 
Europe  is  being  billed  as  a  way  to  make  net¬ 
works  aware  of  SOA.  But  neither  approach 
seems  to  be  getting  much  promotion  by  its  ven¬ 
dor,  or  much  publicity  and  recognition. 

Could  it  be  that  we’ve  lost  our  excitement?  Is 
the  problem  with  networking  now  as  simple  as 
that  the  promoters  don’t  believe  anymore?  Is 
networking  strategic  or  just  plumbing?  If  we 
can’t  prove  it’s  the  former,  it  will  surely  become 
the  latter. 

Nolle  is  president  of  CIMI  Corp.,  a  technology 
assessment  firm  in  Voorhees,  N.J.  He  can  be 
reached  at  (856)  753-0004  or  tno!le@ 

cimicorp.  com. 
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The  scoop  on  the  upcoming  fall  IT  product  lineup. 


as  TV  viewers 
are  getting  a  taste  of  the  net¬ 
works’  new  fall  lineups,  so  will 
IT  execs  and  other  industry 
watchers  this  week  at  DemoFall 
2005,  where  70  of  the  most- 
promising  products  and  ser¬ 
vices  will  be  unveiled. 

It’s  no  surprise  that  among  the 
top  bets  are  start-ups  pitching 
offerings  that  deal  with  securi¬ 
ty  From  fending  off  malware  to 
protecting  corporate  docu¬ 
ments,  DemoFall  demonstra¬ 
tors  are  trying  to  help  organiza¬ 
tions  protect  their  precious 
assets.  Also  on  tap  are  compa¬ 
nies  debuting  wares  that  ease 
the  burden  on  IT  groups. 

Our  favorites  are  listed  over 
the  next  few  pages  —  a  com¬ 
plete  list  of  the  companies 
showing  new  technologies  at 
the  show  is  available  at 
www.demo.com. 


THE  SHIELD 

Product:  Vulnerability  Protection  Suite 
Company:  Determina,  www.determina.com 
Premieres:  Available  now,  about  $750  per  server. 

Details:  “Every  CXO  is  forced  into  a  trade-off  between 
two  very  important  things:  business  disruption  and 
boosting  security’ says  Nand  Mulchandani,  vice  presi¬ 
dent  of  marketing  and  business  development  at 
Determina. 


Viruses  such  as  the  recent  Zotob  worm  force  IT  groups  to  take  down  infrastructure  for  patches  and  other 
updates,  Mulchandani  says.“You  have  to  react  to  every  security  threat  that’s  coming  out.  If  you’re  responsible  for 
thousands  of  PCs, you’re  in  a  world  of  hurt,”  he  says.The  time  it  takes  to  test  and  circulate  patches  only  worsens 
the  situation. 

The  Vulnerability  Protection  Suite  includes  the  Determina  Memory  Firewall  and  LiveShield.The  software  lets 
IT  managers  rapidly  create  a  shield  around  vulnerable  code.  For  example,  if  Microsoft  announces  a  problem 
with  Internet  Explorer,  IT  groups  can  introduce  a  barrier  to  the  affected  code  into  the  server  while  it  is  still  run¬ 
ning  and  without  rebooting. 


PATCH  GAME  ’05 

Product:  Application  Continuity  Appliance 
Company:  Teneros,  www.teneros.com 

Premieres:  Available  now,  $15,000  for  appliance  and  $3,750  annual  ser¬ 
vice  fee. 

Details:  “Companies  have  invested  in  Microsoft  infrastructure  and  they 
need  to  keep  end  users  of  those  mission-critical  applications  up  and  run¬ 
ning,”  says  Steve  Lewis,  president  and  CEO  of  Teneros.  He  says  IT  groups  at 
smaller  companies  don’t  have  the  resources  to  handle  continuous  patching. 

Teneros’  appliance  hooks  directly  onto  Microsoft  Exchange  servers  and 
provides  automated  monitoring,  patching  and  upgrades.The  company  says 
it  will  soon  provide  support  for  Microsoft’s  Great  Plains  business  applica¬ 
tion,  as  well. 
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I  (ANTI-)SPY 

Product:  Active  Malware  Defense  Technology 
Version  2.0 

Company:  Sana  Security, 
www.sanasecuritycom 

Premieres:  Early  2006 

Details:  Sana  Security  thinks  a  lot  about  busi¬ 
ness  continuity  Matthew  Williamson,  senior 
research  scientist  at  the  start-up,  says  today’s 
security  tools  jeopardize  business  continuity 
because  they  rely  on  known  signatures  to  stop 
worms.  If  a  signature  is  not  recognized,  then  IT 
groups  must  wait  for  a  signature  to  be  created 
and  this  can  cause  network  disruptions. 

“Worms  are  designed  stealthily,  and  it  can 
take  a  long  time  to  get  a  signature,”  Williamson 
says.  He  says  once  signatures  are  detected, 
scanning  can  take  a  large  chunk  of  time  and 
that  affects  the  productivity  of  end  users. 

Active  Malware  Defense  Technology  Version 
2.0  uses  generic  detection  to  uncover  mali¬ 
cious  code, Trojans,  backdoors  and  spyware. 
The  software  looks  at  the  behavior  of  running 
programs,  including  key  logger  installs  and 
whether  code  is  being  hidden  from  the  user.  If 
something  malicious  is  detected,  the  software 
removes  it  without  human  involvement. 


WORDS  AND  WEB  SmS 

Product:  Fbrtals  for  Mortals 
Company:  iCentera 

Premieres:  Now  available,  $30  to  $90  per  user, 
with  hosting  from  Level  3. 

Details:  “IT  would  rather  be  involved  in  rolling  out 
a  new  server,  not  forcing  a  new  file  to  the  server;” 
says  Craig  Nelson,  CEO  of  iCentera.  The  company 
developed  Fbrtals  for  Mortals,  a  software  suite  that 
lets  business  units  develop  dynamic  Web  sites  with¬ 
out  the  involvement  of  IT.  Nelson  says  marketing 
teams  can  use  the  service  to  customize  sites 
around  marketing  campaigns,  interact  with  cus¬ 
tomers  and  create  a  community  for  employees.The 
wizard-driven  tool  supports  document  loading, 
images  and  interactive  content. 


CLEAN  SWEEP 

Product:  Hygiene 

Company:  Workshare,  www.workshare.com 

Premieres:  Available  in  beta  later  this  year.  No  pric¬ 
ing  yet. 

Details:  Document  transfers  are  beginning  to  con¬ 
cern  IT  groups  as  a  security  risk.“Every  day  over  a 
hundred  million  documents  are  sent  over  e-mail,  but 
these  documents  are  ‘dirty’  with  hidden  and  visible 
risks,  including  private  information  about  customers 
and  consumers,”  says  Ken  Rutsky,  executive  vice  presi¬ 
dent  at  Workshare.“Companies  have  to  find  a  way  to 
keep  this  information  from  leaking  without  disrupting 
the  flow  of  business.” 

Workshare  will  roll  out  its  Hygiene  application  (client  and  server  software),  which  uses  policies  to  spot  infrac¬ 
tions  in  hidden  and  visible  text.  For  instance,  metadata  or  information  held  in  “track  changes”  that  compromise  cor¬ 
porate  security  can  be  filtered  or  fixed  based  on  internal  policy  The  tool  also  features  identity-based  routing  and 
auditing  so  organizations  can  ensure  that  their  compliance  mandates  are  being  followed.  Compliance  officers  can 
utilize  a  dashboard  to  see  the  top  alert  triggers  among  senders  and  documents. 


FAST  LANE 

Product:  ATG  Service  Suite 
Company:  Art  Technology  Group.www.atg.com 
Premieres:  Now  available,  pricing  not  yet  released. 

Details:  Trying  to  serve  customers  from  various  silos  is  difficult  for 
companies.  IT  groups  struggle  to  link  the  multiple  repositories  so  that 
customer  service  representatives  have  instant  access  to  information. 

The  Art  Technology  Group  (ATG)  is  unveiling  its  Service  Suite  to 
streamline  the  retrieval  of  customer  information. The  software 
(server  software  and  Web  agent  client)  features  the  company’s 
Wisdom  technology,  which  allows  for  real-time  personalization, 
contextualized  delivery  of  content  and  rapid  resolution  of  ques¬ 
tions  for  customers.  For  instance,  if  a  valued  customer  is  surfing  a 
Web  site,  he  might  get  a  quicker  response  time  to  his  question 
than  a  first-time  visitor.  He  also  might  get  different  offers  for  addi¬ 
tional  products  and  services  than  other  customers. 

Erik  Hille,  director  of  product  marketing  at  ATG,  says  the  key  is  cap¬ 
turing  the  context  of  the  customer  interactions  with  either  the  Web 
site  or  call  center.  Improving  response  time  lowers  traditionally  high 
service  costs  and  increases  crosschannel  activity  between  product 
lines.  Having  detailed  information  about  customers  and  their  prod¬ 
uct  choices  readily  available  also  reduce  training  time  for  new  cus¬ 
tomer  representatives,  he  says. 


I’M  TELLING 

Product:  Barracuda  IM  Firewall 

Company:  Barracuda  Networks, 
www.barracuda.com 

Premieres:  Available  in  beta  soon. 

Details:  Barracuda  Networks  uses 
policies  to  gain  a  grasp  on  corpo¬ 
rate  instant  messaging.  The 
Barracuda  IM  Firewall  lets  IT  groups 
encrypt,  filter  and  log  instant  mes¬ 
sages  from  public  clients  such  as 
Yahoo,  AOL  and  MSN. 
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The  software  also  lets  companies 
set  policies  regarding  identity  man¬ 
agement,  keyword  notification  and 
compliance  breaches.  For  instance, 
the  firewall  can  detect  when  a  user 
chooses  a  screen  name  that  is  inap¬ 
propriate  or  sends  out  confidential 
information. 

Barracuda  IM  Firewall,  which 
works  with  other  anti-virus,  anti¬ 
spam  and  spyware  programs,  lets 
companies  make  alliances  with 
their  clients  and  partners  for  the 
safe  use  of  IM. 


|  Read  more  of  what  to  expect  from  the  show  on  page  54. 
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COOL  STUFF  FOR  END  USERS 


BY  KEITH  SHAW 

MANY  products  being  intro¬ 
duced  at  DemoFall  are  designed  for 
IT  execs  to  roll  out  across  the  com¬ 
pany  but  there  are  also  several  cool, 
new  products  that  IT  pros  will  want 
to  buy  for  themselves. 

SPECIAL  DELIVERY 

Product:  EasyReach  Remote  Access 
Company:  EasyReach,  www.easyreach.com 

Premieres:  Coming  soon,  for 
about  $80  per  year  for  one 
user/PC,  or  $100  per  year  for  two. 

Details:  BlackBerry  and  other 
handheld  mobile  devices  are 
great  for  getting  e-mail  pushed 
from  a  corporate  network  down 
to  the  user,  but  pulling  data  from 
other  sources  (on  a  network  file 
sources,  or  an  end  user’s  PC) 
can  be  more  difficult. 

EasyReach  plans  to  launch  a 
service  that  turns  the  handheld 
device  into  a  mini  PC,  by  letting 
users  conduct  keyword  searches 
to  securely  retrieve  files  or  e-mails 

from  a  desktop  PC  or  file  server,  and  then  deliver  them  back 
to  the  handheld  device.  After  a  user  types  in  the  keyword, 
the  service  finds  the  file,  and  then  sends  the  search  results 
back  via  an  e-mail.  Users  can  then  request  one  or  more  files 
to  be  sent  back  to  the  device. 


NEW(S)  RADIO 


Product:  SoundBridge  Wi-Fi  Music  System 
Company:  Roku,  www.rokulabs.com 

Premieres:  Available  worldwide  at  end  of 
October,  $399. 

Details:  Roku’s  SoundBridge  products  have 
always  defined  cool  in  design  and  function, 
and  this  one  is  no  different.The  Wi-Fi  Music  System 
takes  the  world  of  digital  networked  music  to  the 
next  step  by  combining  a  networked  audio  player 
(ability  to  listen  to  MP3s  across  a  home  network), 
Internet  radio  player  and  AM/FM  clock  radio  (with 
alarm!)  with  built-in  quality  speakers  into  one  sleek 
device.  With  this  device,  you’ll  be  able  to  wake  up  to 
any  radio  station  from  around  the  world. 

The  all-in-one  music  system  can  automatically  con¬ 
nect  to  a  wireless  home  network  (the  device  has  an 
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Product:  NextPage  v.2 

Company:  NextPage,  www.nextpage.com 

Premieres:  Available  now,  $99  per  user,  per  year. 

Details:  Tracking  the  location  and  status  of 
Office-based  documents  is  like  herding  cats  — 
until  now.  NextPage  v2  is  software  and  a  service 


802.1  lb  radio  but  will  connect  to  802.1  Ig  networks) 
and  play  music  stored  on  networked  PCs  in  other 
parts  of  the  house.  In  addition,  the  network  connec¬ 
tion  lets  users  listen  to  Internet  radio  stations  from 
around  the  world. 

There’s  no  Ethernet  port  or  USB  port,  but  users  on 
the  home  network  will  be  able  to  configure  the 
device  through  a  Web  browser  to  add  additional 
Internet  radio  stations  or  connect  to  a  secure  wire¬ 
less  network. 
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Presa  Compare  to  eve  changes  in  version  8. 


that  tracks  the  location  and  status  of  every  user’s  Word,  Excel  or  PbwerPoint  file.  Whenever  a  document  is 
opened,  revised,  changed  or  e-mailed,  the  information  is  tracked  by  NextPage  and  then  compiled  in  a  dashboard 
view  for  the  end  user.  Having  the  50,000-foot  view  of  the  status  of  all  of  a  user’s  Office  documents  can  save  loads 
of  time.  Users  can  make  sure  that  they  are  working  on  the  latest  version,  or  track  the  changes  of  a  document  that 
gets  sent  to  multiple  parties.  Preventing  a  user  from  wasting  time  working  on  an  old  version  of  a  document 
should  be  well  worth  the  service  fees. 


JUIERKTS  FUNNIEST  VIDEOS 

Product:  VideoEgg  Publisher 
Company:  VideoEgg,  www.videoegg.com 

Premieres:  At  the  show. 

Details:  For  a  lot  of  video  bloggers  and 
others  trying  to  do  Webcasts  or  other 
video-on-the-net  projects,  the  process  of 
capturing,  editing,  encoding,  uploading 
and  streaming  is  extremely  tedious.The 
VideoEgg  Publisher  aims  to  make  this 
process  much  easier  for  end  users. 

The  package  is  aimed  to  let  existing 
Web  sites  add  powerful  video  functionality  with  minimal  effort  and 
cost.  A  plug-in  accepts  video  directly  from  camcorders, Webcams  and 
even  video  camera  phones  in  an  easy,  drag-and-drop  fashion.  Basic 
editing  tools  will  be  provided  to  let  end  users  pick  a  start  and  stop 
time,  as  well  as  do  some  basic  cuts  in  the  middle  of  a  video. 
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Title:  New  York  Marathon 


Product:  ComVu  Mobile 
Company:  ComVu,  www.comvu.com 

Premieres:  Coming  soon  to  a  cell  phone  near 
you.  Service  about  $10  to  $100  per  month. 

Details:  ComVu  Mobile  will  let  consumers  cre¬ 
ate  live  videostreams  that  get  automatically 
uploaded  to  a  ComVu  streaming  media  server. 

Other  people  can  then  watch  the  videostream 
live  or  on  demand  because  ComVu  will  be  able 
to  archive  any  videos  users  create. The  service 
initially  will  be  targeted  towards  consumers  as 

an  easy  way  for  them  to  record  events  and  instantly  upload  videos  to  people 
who  aren’t  there, so  they  can  witness  the  experience,  imagine  having  your  grand¬ 
mother  see  a  video  of  the  new  baby  without  having  to  send  her  a  tape  (or  DVD) 
days  or  weeks  later. 


Live  Broadcasting  Now!  (03; 34) 
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Shaw  can  be  reached  at  kshaw@nww.com. 
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VeriSign"  Security  Services 

Countless  compliance  issues.  One  simple  solution. 
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VeriSign's  complete  suite  of  security  solutions  helps  you  achieve  and  sustain  compliance  with  today’s  industry 
and  regulatory  requirements.  The  combination  of  our  intelligent  infrastructure,  unique  visibility  into  global 
security  trends,  and  unsurpassed  security  knowledge  provide  more  effective  risk  management  and 
comprehensive  compliance.  Our  cost-effective,  managed-services  model  leverages  existing  in-house  resources 
and  processes— enabling  you  to  focus  on  growing  your  business.  VeriSign.  Where  it  all  comes  together.™ 

•  Managed  Security  Services  for  24/7  network  management,  host-log  monitoring,  and  security  intelligence 

•  Messaging  Security  and  Compliance  Services  for  email  archiving  and  anti-virus  protection 

•  Global  Security  Consulting  for  compliance  risk  assessments,  strategies,  and  certification 

•  Unified  Authentication  for  two-factor  authentication 

■  Learn  how  to  achieve  and  maintain  compliance  with  the  white  paper,  Optimizing  Enterprise  Security  Compliance, 
available  at  www.verisign.com/dm/gsc. 


€12005  VeriSign.  Inc.  All  rights  reserved.  VeriSign.  the  VeriSign  logo,  -Where  it  all  comes  together.'  and  other  trademarks, 


nee  marks,  and  designs  are  registered  or  unregistered  trademarks  of  VeriSign  and  its  subsidiaries  In  the  United  States  and  In  foreign  countries. 
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Demo  fail  preview, 

continued  from  page  51 

WEB  IMPROVEMENT 

Product:  eXamine  Enterprise 
Company:  Kenai  Systems,  www.kenaisys- 

tems.com 

Premieres:  Now  available  for  download. 


Details:  For  some  companies,  the  security 
concern  is  being  shifted  to  the  Web.  As 
more  applications  are  ported  to  Web  ser¬ 
vices  for  a  larger  and  more  remote  audi¬ 
ence,  IT  groups  are  worried  that  the  threat 
to  back-end  systems  is  greater. 

Kenai’s  eXamine  Enterprise  software  lets 
engineers,  developers,  security  specialists 
and  IT  groups  test  their  Web  applications, 
including  Web  Service  Definition 


Language  files,  against  vulnerabilities. 

“Developers,  security  gurus  and  quality 
assurance  folks  are  usually  in  their  own 
silos.  Developers  will  select  their  own 
Web  service  environment  without  regard 
to  whether  that’s  safe  for  the  rest  of  the 
enterprise,”  says  Jack  Quinnell,  CTO  at  the 
company. 

EXamine  Enterprise  lets  security  teams 
develop  baseline  policies  and  then  devel¬ 
opers  can  validate  Web  services  against 
those  specific  policies  and  general  vulner¬ 
ability  profiles.  Companies  also  can  create 
logs  and  reports  on  their  Web  services  for 
compliance  and  regulatory  mandates. 

POLICY  SQUAD 

Product:  mx2020  console 
Company:  IntelliReach,  www.intel- 
lireach.com 

Premieres:  Pricing  and  availability  not 
yet  released. 

Details:  “Messaging  is  in  chaos,”  says  Vicki 
Brown,  vice  president  of  marketing  at 
IntelliReach.’TT  managers  have  to  do 
reporting,  monitor  for  spam  and  viruses, 
and  archive  and  storage  for  compliance.” 

IntelliReach  aims  to  ease  this  burden  by 
tying  together  all  these  functions  via  poli¬ 
cy  management.  Using  a  central  console, 
called  the  mx2020,  IT  managers  can  dic¬ 
tate  how  to  handle  virus-laden  messages,  r 
what  disclaimers  are  placed  on  selected 
users’  outgoing  e-mail  and  what  messages 
should  be  encrypted. 

Companies  can  ensure  that  profanity  cor¬ 
porate  data  and  other  critical  factors  are 
not  putting  them  in  jeopardy  by  leaving 
the  network.  Users  also  can  manage  their 
own  messages,  including  full  text  searches, 
viewing  quarantined  e-mail  and  sorting 
archives.  Human  resources  and  legal 
departments  can  set  and  control  policies 
throughout  the  organizations. 

GREEN  ACRES 

Product:  Green  Array  Platform 

Company:  Green  Array, 
www.greenarray.com 

Premieres:  Available  for  Mac,  Windows 
and  Linux.  Pricing  not 
yet  released. 

Details:  One  of  the 

hottest  concepts  in 
industry  today  is  track¬ 
ing  corporate  perfor¬ 
mance  management.  At 
many  companies,  IT 
has  to  create  tools  that 
help  companies  moni¬ 
tor  the  success  of  pro¬ 
jects.  Green  Array  is 
releasing  a  tool  that  lets 
executives  and  adminis¬ 
trators  companywide 
take  ownership  of  this 
effort. 


The  Green  Array  Platform  lets  organiza¬ 
tions  track,  via  an  easy-to-use  “Outlook¬ 
like”  dashboard,  corporate  performance, 
business  unit  performance  and  project 
performance. 

Companies  can  gather  teams,  do  sur¬ 
veys,  readjust  benchmark  timelines  and 
allot  budget  resources  using  the  Green 
Array  tool. 

“The  business  side  can  lead  the  charge 
instead  of  IT  needing  to  lead  the  wayf 
says  Miles  Walsh,  founder  and  CEO  of  the 
company. 

NETWORK 

CONFIDENTIAL 

Product:  Secure  LAN  Controller 

Company:  ConSentry  Networks, 
www.consentrycom 

Premieres:  Currently  in  beta,  pricing  not 
yet  available. 

Details:  While  some  companies  focus  on 
shoring  up  the  desktop  and  applications, 
ConSentry  Networks  is  aiming  straight  for 
the  core  infrastructure. 

“Companies  looking  to  secure  their  net¬ 
works  buy  new  switches,  new  firewalls, 
new  servers.  By  the  time  they’re  done, 
they’ve  spent  hundreds  of  millions  of  dol¬ 
lars  on  a  ton  of  products  with  a  ton  of 
complexity?’ says  Faizel  Lakhani.vice  presi¬ 
dent  of  marketing  at  the  start-up. 

He  says  that  all  this  technology  bogs 
down  networks  and  has  an  adverse  affect 
on  users.“The  network  does  need  to 
become  user-aware  and  application-aware 
and  needs  to  do  deep  inspection  and 
track  users,  but  it  also  has  to  be  high-per¬ 
formance  and  easy  to  use,”  he  says. 

The  Secure  LAN  Controller  is  a  10G 
Ethernet  device  that  sits  between  access 
switches  and  core  switches  to  provide 
user-based  authentication.The  Secure  LAN 
Controller  uses  policies  matched  to  a 
user’s  name  and  IP  and  media  access  con¬ 
trol  addresses  to  limit  network  and  appli¬ 
cation  access. 

Gittlen  is  a  freelance  technology  editor.  She 
can  be  reached  at  sgittlen@charter.net. 
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Donate  $5  to  support  survivors  of  Hurricane 
Katrina  by  texting  “help”  to  24357  (2 HELP). 
All  funds  will  support  the  American  Red  Cross 
Hurricane  Katrina  relief  efforts. 

Your  donation  will  appear  on  your  monthly  bill 
or  be  debited  from  prepaid  account  balances - 
it’s  that  easy  to  help  make  a  difference 
to  the  thousands  of  people  affected 
by  Hurricane  Katrina. 


Alltel,  Boost  Mobile,  Cingular,  Cricket  Communications,  Dobson,  Sprint 
and  Verizon  Wireless  are  among  the  carriers  supporting  this  effort. 
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American  Red  Cross 

The  American  Red  Cross  name  and  emblem  are  used  with  its  permission,  which  in  no  way 
constitutes  an  endorsement,  express  or  implied,  of  any  product,  service  or  company.  All  text 
messaging  rates  will  apply.  Contact  your  wireless  carrier  for  applicable  rules  and  regulations. 


The  Text  2HELP  Campaign  was  coordinated  In  part  by 

VlTiTrhe  Wireless  Foundation] 


Feeling  Lost  Implementing  a  Best  Practice 
IT  Service  Management  Program? 


The  IT  Infrastructure  Library  (ITIL)  is  the  single  most  prominent 
source  for  best-practice  guidance  for  IT  service  management.  Both 
vendors  and  IT  managers  are  looking  to  ITIL,  and  its  Configuration 
Management  Database  (CMDB),  as  the  Holy  Grail  for  increasing 
efficiency  and  aligning  IT  organization  with  the  business.  But  what  is 
the  urgency  and  value  of  CMDB  adoption?  What  vendor  solutions 
provide  the  best  technical  direction,  as  well  as  a  process  ideal?  What 
are  the  critical  pitfalls  of  CMDB  implementations? 


Enterprise  Management  Associates  provides  the  industry’s  most 
extensive  research  and  analysis  of  the  CMDB  marketplace.  EMA’s 
recently  released  CMDB  series  of  research  reports  present  more  than 
25  vendor  profiles  and  how  their  solutions  stack-up  architecturally 
-  as  well  as  how  they  map  to  ITIL  best  practices.  The  reports  also 
provide  IT  perspectives  with  in-depth,  issues-oriented  analysis  of 
what  IT  managers  face  in  their  CMDB  implementations  -  with  a 
practical  eye  to  early-phase  priorities  and  adoption  issues. 


V  isi  r  www.enrerprisemanagement.CQm  /research  to  purchase 
\  our  road  map  of  the  configuration  management  landscape,. 


ENTERPRISE  MANAGEMENT 
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SECTOBSPOTl  HT  EDUCATION 

m  How  emerging  technologies  are  transforming  key  vertical  industries. 


Managed  Ethernet  hits  campus  nets 

Education’s  distributed,  high-bandwidth  requirements  make  it  a  natural  for  managed  Ethernet  services. 


BY  TERRY  SWEENEY 


As  wish  lists  go,  this  one  didn’t  shoot  the  moon. The  Cheltenham  School  District 
wanted  voice  and  data  connectivity  in  all  its  classrooms.  The  district  wanted  to 
make  its  online  grading  application  more  widely  available  and  add  an  E91 1  capa¬ 
bility  that  could  pinpoint  specific  classroom  numbers  in  the  event  of  an  emergency 


Working  with  Verizon  and  Alcatel,  the  schools  are 
adding  those  capabilities  as  they  deploy  managed 
Ethernet  services  across  their  20-square-mile  district  just 
north  of  Philadelphia. “We  have  convergence  that  results 
in  better  information  to  the  classroom,  which  means  bet¬ 
ter  quality  of  information  for  students,”  says  Gary  Bixby 
director  of  facilities  and  support  services  for  the  district. 

Local-  and  metro-area  managed  Ethernet  services  are  a 
great  fit  for  the  education  sector,  given  the  high  density  and 
distributed  nature  of  its  end  users.  Whether  it’s  a  university 
or  a  K-12  school,  educational  institutions  frequently  lack 
the  personnel  and  budget  to  manage  and  administer  thou¬ 
sands  of  Ethernet  drops. 

“Education  is  the  second  largest  vertical  industry  for 
Ethernet  services,  accounting  for  29%  of  total  U.S.  ports,” 
says  Erin  Dunne,  director  of  research  services  for  consul¬ 
tancy  Vertical  Systems  Group.  Ethernet  is  well  suited  for 
campus  connectivity  high-bandwidth  applications  such  as 
video  learning  or  research. 

Monthly  per-port  charges  range  from  $1,000  to  $10,000, 
depending  on  the  speed  of  their  connection  (typically 
above  1.5  M  bit/sec  and  up  to  1G  bit  or  more),  the  school’s 
distance  from  a  carrier’s  point  of  presence,  and  whether  the 
link  is  carrier-owned  or  resold  by  a  third  party  Dunne  says. 

Procuring  pipes 

A  hunger  for  high  bandwidth  led  the  Information  Science 
Institute  (ISI),part  of  the  University  of  Southern  California 
(USC),  to  join  the  Los  Nettos  Consortium.  Los  Nettos  pro¬ 
vides  fat  pipes  and  Internet  access  through  Verio,  Cogent 
Communications  and  other  carriers.  The  Los  Nettos  Con¬ 
sortium  includes  USC,  CalTech,  Jet  Propulsion  Laboratory 
and  Northrop  Grumman  Space  Technology 
For  about  $8,300  a  month,  IS1  gets  a  100M  bit/sec  con¬ 
nection  that  can  burst  up  to  1G  bit  if  traffic  loads  permit. 
Los  Nettos  provides  IP  addresses  for  ISI’s  demilitarized  zone 
and  handles  the  Border  Gateway  Protocol  peering  among 
the  consortium  members. 

As  for  management,  ISI  gets  access  to  Los  Nettos’  network 
operations  center,  and  can  monitor  overall  circuit  and  net¬ 
work  performance  or  track  the  progress  of  denial-of-service 
attacks,  according  to  Richard  Nelson,  ISI’s  director  of  com¬ 
puting  in  Los  Angeles. 

In  addition,  Los  Nettos  representatives  meet  monthly  with 
the  consortium  members  to  present  performance  data  and 
address  service  concerns.'They  listen  to  us  and  have  been 


very  responsive  —  they’ve  added  IPv6,  multicast  and 
Internet2  connectivity  for  grid  computing  applications,” 
Nelson  says.  “So  yes,  we  pay  a  premium  for  managed  ser¬ 
vices,  but  what  we  get  in  return  is  a  much  better  relation¬ 
ship  with  the  provider  and  extremely  reliable  service.” 

Having  maxed  out  on  its  T-l  backbone,  St.  Joseph’s 
University  turned  to  Yipes  Enterprise  Services  in  2003.The 
university  wanted  the  flexibility  to  add  or  subtract  ports 
and  capacity  It  wanted  20M  bit/sec  connections  in  the 
slower  summer  months  and  45M  bit/sec  the  rest  of  the  year, 
and  it  also  required  sufficient  redundancy 

Students  at  the  Philadelphia  university  rely  on  Web 
access  for  e-mail  and  portal  services  that  let  them  register 
for  classes,  check  grades  and  interact  with  professors  via 
online  course  management  tools,  says  Joe  Petragnani,  St. 
Joseph’s  assistant  vice  president  of  networking  and 
telecommunications.  The  network  connects  55  buildings 
and  about  7,000  users  —  students,  faculty  and  staff. 

Yipes  brought  a  100M  bit/sec  Ethernet  circuit  into  St. 
Joseph’s  data  center  and  manages  the  service  from  the 
data  center  out  to  its  point  of  presence.  It  ensures  the 
99.999%  availability  contracted  in  the  service-level  agree¬ 
ment  (SLA)  with  the  university  and  contacts  Fetragnani’s 
department  in  the  event  of  problems. 

“They  have  a  customer  care  Web  site  where  we  can  check 
SLAs  and  bandwidth  utilization,  and  get  daily  reports,”  says 
Stacey  Carlin,  assistant  director  for  network  services  for  St. 
Joseph’s.“If  we  want  something  more  granular,  we  put  in  a 
request  and  get  the  report  back  in  24  hours.”  She  would  like 
to  have  direct,  real-time  access  to  Yipes’  network  manage¬ 
ment  performance  data,  similar  to  what  she  gets  on  cam¬ 
pus  by  polling  St.  Joseph’s  network  nodes,  but  it’s  not  some¬ 
thing  Yipes  or  many  other  carriers  offer  yet. 

Perhaps  best  of  all, Yipes  has  proven  itself  to  be  price-com¬ 
petitive.  St,  Joseph’s  had  a  three-year  contract  under  which 
it  paid  about  $6,000  a  month  for  its  Ethernet  circuit  and 
management,  but  a  recent  renegotiation  brought  that  down 
to  less  than  $4,000  a  month. 

Ethernet  rates  with  E-Rate 

Cheltenham’s  Bixby  says  the  school  district’s  decision  to 
look  at  managed  Ethernet  services  from  Verizon  was  has¬ 
tened  by  two  developments.  A  Web  application  where 
teachers  record  attendance,  assignments  and  grades,  and 
can  be  viewed  by  parents  and  students,  was  slowing  the 
network  as  more  viewers  logged  on.That  was  costing  teach- 


AT  A  GLANCE:  EDUCATION 

•  Education  accounts  for  29%  percent  of  more 
than  23,000  metro  and  long-haul  Ethernet  ports 
in  service,  second  only  to  healthcare,  according 
to  Vertical  Systems  Group. 

•  Smaller  IT  budgets  are  a  fact  of  life  among 
colleges  and  universities,  according  to  the  lat¬ 
est  Campus  Computing  survey.  A  little  more 
than  24%  report  cuts  in  academic  computing  in 
2004,  and  another  25%  reduced  funding  for 
administrative  computing  last  year. 

•  Student  Monitor  LLC  reports  that  53%  of  full¬ 
time  college  students  own  a  notebook  comput¬ 
er,  up  from  39%  in  2004.  Desktop  systems 
among  collegiate  users  is  down  slightly  to  69% 
percent  from  76%  last  year. 


ers  about  10  minutes  of  teaching  time  per  day,  Bixby  says. 

Separately,  Bixby  started  tracing  through  records  to  find 
out  who  owned  the  fiber  that  connected  the  district’s  eight 
buildings  and  600  faculty  and  staff.  He  found  it  was 
installed  several  years  ago  by  Bell  Atlantic,  now  part  of 
Verizon.The  outside  ownership  was  good  news  because  it 
enabled  the  school  district  to  qualify  for  an  E-Rate  discount 
given  to  schools  and  libraries  needing  Internet  access.  So 
while  Cheltenham  spends  $120,000  annually  for  managed 
Ethernet  services,  the  district  gets  an  E-Rate  discount  of 
40%,  bringing  its  actual  bill  down  to  about  $72,000.  “We 
don’t  have  a  lot  of  money  in  our  district,  so  it  had  to  be 
done  in  a  creative  wa>(  he  says. 

Verizon  watches  the  school  district’s  network,  making  for 
better  reliability  and  unexpected  levels  of  responsiveness, 
Bixby  says.  “If  anything  happens,  I  get  a  call  and  they  dis¬ 
patch  someone  24-7  within  four  hours.  It’s  impressive  as  all 
get-out,”  Bixby  says.  The  district  has  initiated  a  half  dozen 
calls.The  most  serious  was  after  a  control  board  went  down 
in  one  of  the  data  switches.  “The  other  times  they’ve  been 
out  before  1  even  knew  we  had  a  fault,”  Bixby  says. 

The  school  uses  an  IP-PBX  from  Alcatel,  and  that  vendor 
also  steps  in  if  needed,  Bixby  says. “With  all  three  of  us  so 
tightly  cooperating,  there  is  never  a  problem  we  can’t 
solve.” 

ISI’s  Nelson  and  Petragnani  of  St.  Joseph’s  also  point  to  the 
tighter  relationships  that  managed  Ethernet  create  with  ser¬ 
vice  providers.  Monthly  charges  may  cost  more  than  raw 
bandwidth,  but  the  better  responsiveness  means  better  ser¬ 
vice  reliabilityAnd  that  figures  highly  on  any  user’s  wish  list. 

Sweeney  is  a  freelance  writer  in  Los  Angeles.  He  can  be 
reached  at  terry@tsweeney.com. 
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HP  PROLIANT  BL20p  G3  BLADE  SERVER 


with  ProLiant  Essentials  Management  Software 

•  Up  to  2  Intel®  Xeon™  Processor  (3.60GHz/2MB)‘ 

•  High  density:  Up  to  48  servers  per  rack 

•  Rexible/Open:  Integrates  with  existing  infrastructure 

!  •  HP  Systems  Insight  Manager™:  Web-based  networked 
|  management  through  a  single  console 
i  ■  Rapid  Deployment  Pack:  For  ease  of  deployment  and 
ongoing  provisioning  and  reprovisioning 
i  •  Integrated  Cisco  or  Nortel  switch  options 


HP  STORAGEWORKS  MSAISOOcs 


Get  2TB  of  Storage  Free($2,800  Value)2 
:  ■  Up  to  24TB  of  capacity  (96  250GB  SATA  drives) 

•  Up  to  16TB  of  capacity  (56  300GB  SCSI  drives) 

•  Ability  to  mix  SCSI  and  Serial  ATA  enclosures 
for  greater  flexibility 

•  2GB/ 1GB  Fibre  connections  to  host 


The  HP  ProLiant  BL20p  G3  blade  server  with  the  Intel®  Xeon,M  Processor  simplifies  server  management.  In  fact,  it's 
so  simple,  you  can  even  manage  it  remotely  through  leading  Web  browsers  using  HP  iLO  technology.  And 
not  only  is  it  simple  to  manage,  it's  also  simple  to  monitor  and  set  up.  It  all  starts  with  the  Rapid  Deployment  Pack, 
giving  you  an  automated  setup  process  to  configure  and  deploy  servers  at  high  volume  and  a  rapid  pace. 
Then  HP  Systems  Insight  Manager™  gives  you  a  real-time  overview  of  system  performance,  even  alerting  you 
to  potential  problems  before  they  occur.  Plus,  you  can  bundle  it  with  the  HP  StorageWorks  MSA1500cs  to  make 
storing  your  data  simple,  scalable  and  affordable.  So  with  HP,  you  get  more  expertise  before  you  buy,  more 
technology  when  you  do  and  more  support  after.  Wherever  you  happen  to  be. 


SMART  ADVICE  >  SMART  TECHNOLOGY  >  SMART  SERVICES 


Call  1-877-298-0631 
Click  Hp.com/go/bladesmag20 
Visit  your  local  reseller 


1.  Inters  numbering  is  not  a  measurement  of  higher  performance.  2.  Receive  up  to  2TB  of  storage  free  with  purchase  of  HP  StorageWorks  Modular  Smart  Array  1500cs  devices.  Offer  valid  through  10/31/05. 3.  Save  $750  instantly  on  the  purchase  of  a  BladeSystem  pCIass  1U  power  enclosure  so, utm  Offer  va,d 
through  10/31/05  All  offers  available  from  HP  Direct  and  participating  resellers.  Prices  shown  are  HP  Direct  prices,  are  subject  to  change  and  do  not  include  applicable  state  and  local  sales  tax  or  shipping  to  recipient's  destination.  Reseller  prices  may  vary.  See  Web  site  for  full  details.  Photography  may  not  am-attxy 
represent  exact  configurations  priced  Associated  values  represent  HP  published  list  price.  Intel,  Intel  Inside,  the  Intel  Inside  Logo  and  Intel  Xeon  are  trademarks  or  registered  trademarks  of  Intel  Corporation  or  its  subsidiaries  in  the  United  States  and  other  countries.  ©2005  Hewlett-Packard  Development  Company,  i  f 


Coradiant  provides  insight 
on  Web  performance 


Starting  at  $84^950  _ _ 

Pros:  Detailed  reporting  of  availability  and 

performance  data;  strong  ad  hoc  querying 
support;  easy-to-use  interface. 

Cons:  Lacks  full  response  monitoring  of  packet 
payload;  built-in  network  taps  would  be 
helpful. 


BY  THOMAS  POWELL,  NETWORK  WORLD  LAB  ALLIANCE 

Many  Web  administrators  live  in  a  state  of  blissful  ignorance,  unaware  of  the 
true  health  and  performance  of  a  Web  site  until  users  complain.  Coradiant’s 
TrueSight  1 100  appliance  actively  monitors  actual  Web  site  traffic,  giving  Web 
managers  a  heads-up  on  problems  before  their  users  do. 


The  Breakdown 


Monitoring  40% 

3.5 

Administration  20% 

4.5 

Security  15% 

4.5 

Interface  and  reporting  15% 

4 

Installation  10% 

4.5 

Total  score 

4.03 

Scoring  Key: 

5:  Exceptional. 

4:  Very  good. 

3:  Average. 

2:  Below  average. 

1:  Subpar  or  not  available. 


The  TrueSight  device  needs  to  be  strategically  installed  in 
the  delivery  network  to  capture  the  appropriate  data.  This 
data  capture  is  accomplished  via  a  network  tap,  a  mirrored 
port  on  a  switch,  or  similar  feature  on  a  load-balancing 
device. We  were  disappointed  the  device  did  not  contain  its 
own  network  tap  for  easy  installation. 

Initial  setup  —  done  with  a  command  line  interface  via  a 
serial  connection  —  is  minimal  and  requires  basic  network 
settings,  port  information  to  later  administer  the  box  via 
Web  interface,  and  a  master  security  officer  password  for 
the  box.  In  spite  of  a  relatively  secure  security  posture  of  the 
appliance  in  general,  you  can  set  a  relatively  weak  pass¬ 
word  here. 

The  Web  interface  lets  you  enable  the  device  to  begin 
logging  traffic.  Data  collected  can  be  downloaded  to  a 
local  system  for  offline  analysis  or  sent  via  SNMP  to  any 
monitoring  system.  Various  session  and  user  detection 
parameters  can  be  set  so  captured  traffic  can  be  reassem¬ 
bled  into  a  logical  view  of  user  activity  To  do  this  you  need 
to  make  sure  your  sites  have  distinguishing  items  to  easily 
identify  users. 

However,  because  you  might  not  always  be  fully  aware 


How  We  Did  It 


We  installed  the  Coradiant  TrueSight  1100  in 
a  Web  farm  collocated  at  the  Inflow  nation¬ 
al  collocation  facility  in  San  Diego.  Data 
was  collected  passively  via  a  generic  network  tap. 
The  farm  served  approximately  200  different  Web 
sites,  including  e-commerce  sites;  a  few  Web  appli¬ 
cations;  and  a  variety  of  static,  semi-dynamic  and 
fully  dynamic  Web  sites  built  with  a  multitude  of 
technologies,  including  Active  Server  Pages, 
ColdFusion,  PHP  and  Java  Server  Pages.  We  moni¬ 
tored  live  Web  traffic  off  and  on  for  approximately 
three  months;  and  the  device  was  used  to  diagno¬ 
sis  basic  server  problems,  performance  issues,  bro¬ 
ken  links  and  a  number  of  other  errors.  We  ran 
both  manual  and  synthetic  tests  to  make  sure  the 
device  captured  sessions  accurately 


of  the  range  of  changes  in  monitored  Web  applications,  it 
would  be  helpful  for  the  device  to  monitor  traffic  for  new 
session-oriented  cookies  and  URL  patterns,  and  to  alert 
you  to  apply  them.  If  you  are  going  to  monitor  static  Web 
sites,  you  have  to  rely  on  timing  and  IP  addresses  to  iden¬ 
tify  user  patterns. 

The  TrueSight  box  collects  potentially  sensitive  user 
data,  and  Coradiant  does  a  reasonable  job  in  securing  the 
appliance.  Access  to  the  Web  console  is  forced  via  SSL, 
and  the  box  enforces  very  strong  passwords.  But  we 
would  have  liked  to  see  easily  accessible  usage  reports 
and  a  richer  ability  to  define  access  privileges  for  users. 

Configured  to  monitor  SSL  traffic,  TrueSight  can  decrypt 
user  sessions  when  the  appropriate  keys  are  loaded.  Even 
for  approved  users,  decrypted  traffic  might  be  quite  sensi¬ 
tive.  To  address  this  concern, TrueSight  offers  several  confi¬ 
dentiality  features.  For  example,  captured  data  cookies,  post 
parameters  and  Uniform  Resource  Identifier  queries  can 
be  sanitized  by  hashing  data  into  something  less  sensitive 
though  still  uniquely  identifying.Values  also  can  be  deleted 
or  the  entire  data  item  purged. 

Once  basic  traffic  capture  is  enabled,  you  set  up  what 
are  called  Watchpoints  to  monitor  and  filter  out  important 
events  from  the  vast  amount  of  data  being  captured. The 
box  comes  with  dozens  of  pre-defined  filters,  such  as 
those  that  look  for  certain  types  of  browsers,  error  types, 
speed  of  users  and  content  types.  Setting  up  custom  filters 
is  a  breeze  through  the  nicely  implemented  expression 
editor. You  can  specify  performance  and  error  rates  per  fil¬ 
ter,  a  good  option  if  you  manage  several  Web  applications 
with  different  user  expectations. 

When  we  drilled  down  into  the  data  collected,  we  devel¬ 
oped  our  love/hate  relationship  with  the  TrueSight  inter¬ 
face.  It’s  got  small  polish  points  that  kept  us  happy  such  as 
a  countdown  timer  that  shows  when  the  page  is  about  to 
reload  when  actively  monitoring;  a  bypass  button  that 
forces  content  to  refresh;  and  a  graphic  capture  of  the  LCD 
on  the  appliance  available  from  the  Web  interface.  We  par¬ 
ticularly  liked  the  clean  information  layout  found  on  ses¬ 
sion,  page  and  object  detail  screens  that  brings  clarity  to 
the  massive  amount  of  request  data  found  in  a  typical  user 
session. 

But  we  occasionally  became  frustrated  when  moving 
back  through  the  system  as  it  lost  our  place  in  the  list  of 


sessions.  We  also  found  it  frustrating  that  we  couldn’t 
directly  launch  a  browser  to  access  various  Web  objects 
monitored  to  verify  observed  errors  ourselves.  Also,  while 
reporting  looked  very  nice,  very  often,  we  found  the  label¬ 
ing  in  the  system  extremely  hard  to  read  when  there  was 
a  lot  of  data  in  a  graph. 

The  key  benefit  of  TrueSight  lies  in  its  ability  to  isolate 
and  help  solve  problems.  We  very  clearly  spotted  inter¬ 
mittent  performance  problems,  some  occasional  server 
hangs  and  the  ever-common  HTTP  errors.  However,  the 
device  does  not  yet  offer  deep  insight  into  the  application 
level  or  content  issues  that  might  occur  in  a  Web  site,  so 
we  were  sometimes  stymied  by  investigating  problems. 
For  example,  we  could  not  see  full  headers  of  transac¬ 
tions,  which,  in  a  few  cases  of  dealing  with  1SAPI  filters, 
would  have  resolved  problems  quickly.  Furthermore, 
because  we  could  not  observe  the  actual  HTML  and 
other  content  returned,  the  box  could  clearly  miss  appli¬ 
cation  logic  where  a  page  returns  a  200  level  HTTP  status 
but  is  mined  datawise. 

In  capable  hands,  Coradiant’s  TrueSight  acts  as  a  smart 
microscope  for  Web  administrators  who  want  an  in-depth 
look  at  their  site’s  network  traffic  for  incident  resolution. 
While  it  does  not  yet  offer  everything  that  a  Web  adminis¬ 
trator  might  eventually  want,  notably  full  insight  into  head¬ 
ers  and  response  payload,  what  the  appliance  does,  it 
does  very  well. 

Powell  is  the  founder  of  PINT,  a  San  Diego  Web  develop¬ 
ment  and  consulting  firm.  He  also  is  the  author  of  numer¬ 
ous  books  on  Web  development  practices.  He  can  be 
reached  at  tpowell@pint.com. 


■  Pow3li  a'so  is  a  member  of  the  Network  World  Lab  Alliance,  a 
cooperative  of  the  premier  testers  in  the  network  industry,  each 
bringing  to  bear  years  of  practical  experience  on  every  test.  For 
more  Lab  Alliance  information,  including  what  it  takes  to  become 
a  partner,  go  to  www.networkworid.com/alliance. 


ROI 

Third-generation  (3G)  wireless  empowers  members  of  your  mobile  workforce  with 
wireless  connectivity.  This  means  road  warriors  can  log  in  securely  to  the  company 
VPN,  check  and  send  email,  search  the  Internet  for  information  or  download  complex 
documents.  For  your  company,  wireless  connectivity  results  in  streamlined  processes, 
increased  efficiencies  and  improved  customer  relationships. 

Contact  your  wireless  operator  today  to  learn  how  3G  can  strengthen  your  mobile 
business  solutions. 

For  more  information  about  QUALCOMM,  visit  www.qualcomm.com 
For  more  information  about  3G  wireless,  visit  www.3gtoday.com 
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MANifiEMENT  STRATEGIES 

B  CAREER  DEVELOPMENT  ^  BPROJECnflANAGEMENT  ■  BUSINESS  JUSTIFICATION 

Companies  check  up  on  IT  vendors 

United  Parcel  Service  and  General  Motors  delegate  formal  responsibility  for 
vendor  relationship  management  to  ensure  successful  outcomes. 


BY  JOHN  COX 

United  Parcel  Service’s  top  IT 
operations  guy  Jim  Medeiros, 
recently  sat  down  with  a  key 
UPS  hardware  supplier  to  talk  about 
deploying  new  application  servers. 


“I  was  listing  out  for  him  a  bunch  of  things  we  want  to 
make  sure  we  do  together,  so  this  new  technology  will 
work  property’  says  Medeiros,  vice  president  of  shared 
services  for  UPS  in  Atlanta.  Among  his  queries: 

•  What  are  all  the  things  that  can  go  wrong? 

•  What  skill  levels  are  needed,  from  the  vendor  and 
from  UPS? 

•  What  items  should  be  covered  on  a  common  status 
report? 

•  Should  we  have  one  person  from  each  company  who 
is  not  directly  involved  in  the  project  to  objectively  review 
whether  the  project  is  successfully  meeting  its  goals? 

•  What  resources  need  to  be  assigned  by  both  compa¬ 
nies  to  ensure  success? 

e  What  other  customers  of  the  vendor  have 
deployed  this  technology  and  are  willing  to  provide 
feedback  to  UPS? 

“I’d  never  get  any  of  that  information  if  all  I  did  was  sign 
a  contract  and  install  the  product,”  Medeiros  says. 

These  are  the  kinds  of  questions  that  more  network 
and  IT  professionals  now  are  asking  their  vendors,  and 
themselves.This  awareness  is  being  embodied  either  in 
new,  more  formal  responsibilities  for  senior  IT  man¬ 
agers,  or  in  new  jobs  with  titles  such  as  vendor  rela¬ 
tionship  manager. 

“Historically,  the  vendor-management  role  was  shaped 
by  software  and  hardware  features  and  functions. 
Negotiations  were  around  things  like  quantity,  product 
features  and  so  on,”  says  Diane  Morello,  vice  president  of 
business  management  of  IT  for  Gartner.  “Today,  the  con¬ 
versation  [with  IT  vendors]  is  more  about  intangibles, 
about  such  things  as  service  levels  that  are  being  mea¬ 
sured.  It’s  less  about  items  and  more  about  outcomes.” 


natbsudks  relationships 

A  vicibie  vendor-management  function  can  rationalize 
a  web  of  relationships  between  a  large  company  and  a 
group  of  vendors,  save  money  and  time,  and  give  the 
enterprise  more  control  over  meeting  its  project  and 
business  objectives. 


Gary  Wolfram  of  North  Bend,  Ind.,  is  a  former  pro¬ 
grammer  and  IT  manager  who’s  been  involved  in  ven¬ 
dor  management  since  1996.  At  that  time,  he  was  hired 
as  an  outside  consultant  to  direct  IS  recruiting  for  a 
large  company  with  a  division  that  was  starting  to  build 
out  its  IT  group. 

Wolfram  set  up  a  centralized  system  for  managing 
the  various  recruiting  companies  that  were  supplying 
his  client  with  contract  programmers  and  IT  staff.“We 
were  able  to  save  25%  of  the  hiring  managers’  time, 
simply  by  the  fact  they  no  longer  had  to  repeat  them¬ 
selves  over  and  over  to  every  one  of  these  vendors,’’ 


each  vendor’s  performance.  GM  has  about  18  categories 
that  the  mentors,  consulting  with  other  GM  managers,  use 
to  evaluate  how  well  each  vendor  is  doing.The  categories 
cover  how  responsive  the  vendor  is  to  GM’s  needs,  cost- 
effectiveness  and  pricing.  GM  also  collects  industrywide 
scorecard  data  from  outside  sources  and  compares  this 
data  with  its  own  performance  ranking. 

The  vendors  take  the  results  very  seriously,  McNicholI 
says.  “They’ve  immediately  changed  their  account-team 
leadership  in  response  to  low  scores,”  he  says. 

Share  responsibilities 


Wolfram  recalls. 

At  the  same  time,  Wolfram  worked  with  the  IT  and  pro¬ 
ject  managers  who  hire  the  contract  programmers,  to 
help  them  understand  that  a  lower  rate  was  not  the  sole 
criteria  in  making  a  decision.  A  less-experienced  pro¬ 
grammer  would  have  a  lower  hourly  rate,  but  might 
require  more  supervision  or  support,  which  could 
increase  the  project’s  overall  cost. 


Communicate  clearly 

Managing  these  kinds  of  outcomes  with  IT  vendors 
requires  lines  of  communications  beyond  those  of  the 
traditional  procurement  process.  IT  groups  are  respond¬ 
ing  to  this  by  setting  up  formal  and  informal  communi¬ 
cations  between  different  levels  of  a  company  and  their 
IT  vendors. 

Over  the  past  six  years,  General  Motors  has  created  the 
role  of  mentor  for  each  of 
its  strategic  IT  vendors, 
about  20  companies  in  all. 

The  mentor  is  a  senior  IT 
manager  who  acts  as  an 
adviser  and  sounding 
board  for  the  vendor.  “We 
keep  this  separate  from  the 
contractual  and  bidding 
activities,”  says  Dan 

McNicholI,  chief  strategy  officer  for  IS  and  services  at  GM 
in  Detroit.  “The  mentor  doesn’t  get  in  the  middle  of  con¬ 
tract  negotiations,  for  example.” 

GM  also  demands  of  each  of  these  vendors  a  corre¬ 
sponding  contact  who  is  separate  from  the  vendor’s  day- 
to-day  account  manager. 

Once  a  year,  GM’s  top  IT  leaders,  about  15  people,  take 
off  in  a  corporate  jet  to  visit  the  top  management  of  these 
strategic  IT  vendors.  In  nearly  daylong  meetings,  the  two 
groups  review  the  business  outlook,  challenges  and  direc¬ 
tions,  and  relate  these  to  IT  priorities  and  goals. 

Finally,  GM  is  the  annual  host  of  a  supplier  forum  for  its 
top  IT  vendors.  One  of  the  key  events  is  the  scorecard  of 


UPS  now  has  two  main  levels  to  its  vendor-management 
process.  It  designates  relationship  managers,  which  are 
duties  assigned  to  midlevel  IT  managers  who  work  daily 
with  a  given  vendor’s  products  or  services. Then  there  are 
executive  sponsors,  who  are  senior  managers,  typically 
vice  presidents,  as  Medeiros  is. 

The  relationship  managers  oversee  issues  around  a 
new  version  of  the  vendor’s  software  or  a  glitch  in 
deploying  a  product.  The  sponsors  meet  monthly  with 
the  vendor  to  review  higher-level  issues,  such  as  long- 
range  product  plans  and  the  status  of  pending  tech¬ 
nology  decisions.The  executive  sponsor  gives  the  ven¬ 
dors  a  voice  in  where  UPS  is  going  with  technology, 
counsels  them  on  internal  UPS  processes,  and  accu¬ 
rately  and  consistently  explains  what  Medeiros  calls 
“the  rules  of  the  game.” 

The  emphasis  on  a  relationship  as  opposed  to  contract 

terms  puts  a  premium 

“I’d  never  get  any  of 
that  information  if  all  I 
did  was  sign  a  contract 
and  install  the  product.” 

Jim  Medeiros,  vice  president  of 
shared  services,  UPS 


on  understanding  each 
other,  and  understand¬ 
ing  requires  listening, 
GM’s  McNicholI  says. 
“They  have  to  be  listen¬ 
ing,  and  so  do  we,”  he 
says.  “And  listening  is 
not  a  skill  with  which 
many  IT  executives  are 

especially  comfortable.” 

In  a  recent  incident,  users  on  GM’s  VPN  were  getting 
repeated  logon  errors.  The  VPN  has  components  from 
four  vendors.The  GM  relationship  manager  coordinated 
with  the  lead  vendor,  who  brought  in  the  other  suppliers 
via  an  audioconference  to  sort  out  how  to  approach  the 
problem. This  team  worked  out  a  plan  and  assignments, 
and  created  an  interim  workaround,  while  they  figured 
out  the  root  cause,  which  turned  out  to  be  a  software 
problem. 

It  was  a  two-way  process.  “A  couple  of  things  came  home 
to  me  about  how  we  [at  GM]  could  do  a  better  job  on  our 
side  to  prevent  these  problems,”  McNicholI  says.B 


YOUR  JOB  IS  TO  KEEP  SYSTEMS  AND  APPLICATIONS  RUNNING. 
OUR  MISSION  IS  TO  KEEP  PEOPLE  AND  INFORMATION  CONNECTED. 

LET’S  WORK  TOGETHER. 


Continuous  access  to  information  no  matter  what.  That’s  information 
Availability,  it’s  what  your  employees,  suppliers  aRd  customers  demand  every 
minute  of  every  day.  But  to  deliver  it  flawlessly,  you  need  a  massive  global 
infrastructure,  redundant  systems  and  diverse  networks  being  monitored  and 
supported  by  skilled  technical  experts  at  secure  facilities.  That’s  exactly  what 
SunGard  provides. 


For  years,  companies  around  the  world  have  turned  to  SunGard  to  restore  their 
systems  when  something  went  wrong.  So,  it’s  not  surprising  that  they’re  now 
turning  to  us  to  mitigate  risk  and  make  sure  they  never  go  down  in  the  first  place. 

You  want  your  network  and  systems  to  always  be  up  and  running.  We  want  the 
same  thing.  Let’s  get  together.  To  learn  more,  visit  www.availability.sungard.com  or 
call  1-800-468-7483. 


As  a  result,  we  can  offer  you  a  higher  level  of  availability  and  save  ycur 
company,  on  average,  25%*  versus  building  the  infrastructure  yourself.  Pius, 
it’s  a  vendor  neutral  solution  that  lets  you  control  your  data,  applications  and 
network  while  giving  you  the  flexibility  to  adjust  to  the  changing  needs  of  your 
business.  But  best  of  all,  it  lets  you  spend  more  time  solving  business  problems 
and  less  time  solving  technical  problems. 


SUNGARD 

Availability  Services 


Keeping  People 
and  Information 
Connected, 


'Potential  savings  based  on  IDC  White  Paper,  Ensuring  Information  Availability:  Aligning  Customer  Needs  with  an  Optima!  Investment  Strategy 
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NETWORK 

INSTRUMENTS 


OBSERVER 


How  much  can  your  network  analyzer  handle? 


Observer  is  the  only  fully  distributed  network  analyzer  built 
to  cover  your  entire  network  (LAN,  802.1  la/b/g,  Gigabit,  WAN). 
Download  your  free  Observer  10  evaluation  today  and  experience 
more  real-time  statistics,  more  expert  events  and  more  in-depth 
analysis  letting  you  monitor,  troubleshoot  and  manage  every  site 
on  your  network  with  one  complete  solution.  Choose  Observer. 

-SECUR  s  tv  conTROi-  Watch  for  virus  and  hack  attacks  to 
quickly  isolate  infected  areas. 


-RLERT  -  Setup  Triggers  and  Alarms  on  any  network  threshold 
and  be  the  first  to  know  of  network  issues. 

-riETwORK  omerlorb-  Monitor  bandwidth  utilization, access 
point  utilization  rates  and  network  top  talkers  with  Real-Time  Statistics. 

-  y 


US  &  Canada 

UK  &  Europe 


toll  free  800.526.5958 
fax  952.932.9545 

+44(0)1959569880 


www.networkmstruments.com/analyze 


Does  your  analyzer  cover  one  room  or 

the  w  olehouie? 


.  ,  1  1  1 

<.  ‘  .  — r.  .  ' 

-  JO 

f-SECURiTV  COmROL- 

J _ 1 _ 1 - 1 - 

1  '  ' 

Specializing  in  Server  Backup/Disaster  Recovery 

Direct  Attached  Storage  •  Network  Attached  Storage  *  Storage  Area  Networks 


ERIDIAN 

DATA,  INC. 

Co// 800-995  1014 
www.excelmertdian.com 


AdaptiveKVM 


When  servers  are  down  or  inaccessible,  you  need 
fast  and  reliable  out-of-band  access  and  control. 

Cyclades  AdaptiveKVM™  (patent  pending)  is  the  industry’s  first 
integrated  solution  that  combines  KVM  over  IP  and  Microsoft® 
Remote  Desktop  Protocol  (RDP)  technology  in  a  single 
appliance.  By  using  KVM  over  IP  combined  with  RDP, 
AdaptiveKVM  provides  continuous  access  for  remote  server 
management. 


Next-Generation  KVM  Solution 
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AlterPath™  KVM/netPlus 

Download  a  FREE  White  Paper  on  AdaptiveKVM 

www.cyclades.com/akvm 
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www.cyclades.com/nw 

1 .888.cyciades  •  saies@cyciades.com 
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SERVERS  WITHIN  YOUR  REACH 
FROM  ANYWHERE 
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LOCAL  OR  REMOTE  SERVER  MANAGEMENT  SOLUTIONS 


UltraMatrix™ 

Remote 


KVM  OVER  IP 


. 


MATRIX  KVM  SWITCH  WITH 
INTEGRATED  REMOTE  ACCESS  OVER  IP 

System-wide  connectivity  over  IP  worldwide  and  locally 
Connects  1,000  computers  to  up  to  256  user  stations 
Supports  PC,  Sun,  Apple,  USB,  UNIX,  serial  devices 
High  quality  video  up  to  1280  x  1024 
Secure  encrypted  operation 

'  View  real-time  video  from  4  computer  connections  with 
quad-screen  mode 


The  UltraMatrix  Remote  represents  the  next  generation  in  KVM  switches  with  IP  access.  It 
provides  a  comprehensive  solution  for  remote  server  access  over  IP  and  local  as  well. 


UltraMatrix™ 

E-series 

KVM  SWITCH 


I  PROFESSIONAL  MULTI-USER  KVM  SWITCH 
2  -  4  KVM  STATIONS  TO  1,000s  OF  COMPUTERS 

PC  or  multi-platform  (  PC/Unix,  Sun,  Apple,  others) 

On-screen  menu  informs  you  of  connection  status  between  units 
in  an  expanded  system 

•  Powerful,  expandable,  low  cost 

•  No  need  to  power  down  most  servers  to  install 

•  Security  features  prevent  unauthorized  access 

•  Free  lifetime  upgrade  of  firmware 

•  Video  resolution  up  to  1600  x  1280 

•  Available  in  several  models 

•  Easy  to  expand 

The  UltraMatrix  E-Series  represents  the  latest  in  KVM  matrix  switch  technology,  at  an 
affordable  price.  The  E-Series  allows  you  to  connect  up  to  256  user  stations  to  as  many  as 
1,000  computers.  The  UltraMatrix  E-Series  is  available  in  several  sizes:  2x4,  2x8,  2x16, 

4x4,  4x8,  4x16,  1x8,  and  1x16  in  either  PC  or  multi-  platform. 


■  KVM  RACK  DRAWERS  WITH  KVM  SWITCH  OPTION 

RackViews  offer  the  latest,  most  efficient  way  to  organize  and  streamline  your 
server  rooms  and  multiple  computers. 

The  RackView  is  a  rack  mountable  KVM  console  neatly  fitted  in  a  compact  pull-out 
drawer.  This  easy-giide  KVM  drawer  contain  a  high-resolution  T FT/LCD  monitor,  a 
tactile  keyboard,  and  a  high-resolution  touchpad  or  optical  mouse. 


XtendVue 

Vertical  Rack  mountable  LCD 
With  Buit-in  KVM  Extender 


RackView 

Fold-Forward 


RackView 

Fold-Back 


RackView 
LCD  Monitor 


RackView 

Keyboard 


ROSE  US 

ROSE  EUROPE 
ROSE  ASIA 

ROSE  AUSTRALIA 

281  933  7673 
+44(0)  1264  850574 
+  65  6324  2322 
+617  3388  1540 

800-333-9343 

WWW.ROSE.COM 
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Centrally  Discover,  Support  and 
Manage  your  Systems.  Anywhere. 


What's  on  your 

Network? 

Find  out  with  NetSupport... 


Do  you  know  where  your  oldest  computer  is?  Need  to  locate  and  upgrade  your 
Windows  98  systems?  Are  you  overpaying  on  unused  software  licenses?  Which 
employees  are  spending  the  most  time  surfing  the  web?  Find  out  fast  with 
NetSupport  DNA. 


Managing  your  company's  IT  assets  means  more  than  just  selection  and 
maintenance.  Reporting,  inventory,  deployment  and  forecasting  are  also  part  of  the 
job.  NetSupport  DNA  is  an  easy  to  use  IT  asset  management  solution  that  provides 
you  with  the  tools  you  need  to  get  to  know  your  network. 


Unlike  other  solutions,  NetSupport  DNA  does  not  require  certified  training  or  have  a 
complex  implementation  path.  It  offers  all  of  the  functionality  you'd  expect  from  an 
award  winning  asset  management  suite,  but  with  only  a  30  minute  implementation 
path. 


NetSupport  DNA  combines  powerful  hardware  and  software  inventory  with  software 
distribution,  application  and  internet  metering,  pc  remote  control,  enterprise 
reporting  and  a  web-based  help  desk  solution. 


NtTSUPPORT 

□NAV^ 

NetSupport 


and  download  a  full  trial  license  today.  Sales:  1-888-665-0808 

And  in  30  minutes  start  viewing  your  vital  Asset  Information.  www.netsupport-inc.com 


Netreo's  OmniCenter™  family  of  network  managment  appliances  have 
helped  hundreds  of  America's  leading  corporations  and  universities 
dramatically  reduce  IT  management  costs  and  improve  availability.  Our 
agentless  and  clientless  architecture  makes  the  process  of  managing 
even  the  largest  and  most  complex  environments  remarkably  simple,  and 
makes  implementation  a  breeze. 


Come  see  our  in-depth  case  studies  at  http://www.netreo.net/nw/ 
and  discover  how  we  can  help  simplify  your  IT  management. 


OmniCenter 

IT  Management  Redefined. 


IMetreo 

www.netreo.net/nw/ 

(866)  NETREOI 
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Fault  Management  •  Performance  Reporting  •  Security  Managment  •  VoIP  Management  •  Intrusion  Detection  •  ProtocplHep 
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Plug  In 
The  Simple 
Solution. 
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MovinCool  spot  air  conditioners 

are  the  answer  to  your  overheating 

problems.  Just  roll  it  in.  Plug  it  in. 

Turn  it  on.  It’s  that  simple. 

►  Up  to  60,000  Btu/h  of  cooling 
power  right  where  and  when 
you  need  it 

►  Protects  against  data  loss  and 
equipment  failure 

►  #1  in  portable  air  conditioning 
for  over  30  yearn 

►  The  only  portable  air 
conditioner  ETL-verified 
for  performance 


MCVINCOOL 

THE  #1  PORTABLE  SPOT  COOLING  SOLUTION 
800-264-9573  or  visit  www.movincool.com 


©2005  DENSO  Sales  California,  Inc.  MovinCool,  SpotCool  and  Office  Pro  are  registered  trademarks  of  DENSO  Corporation. 


He  n  Do  You  istri  ite 
Power  in  Your  Data 
Center  Cabinet? 


v  With  Sentry! 

CDU  Product  Family:  Metered,  Smart  &  Switched 

The  Sentry  CDU  distributes  power  for  Blade  servers  or  up  to  42  dual 
-C •  power  id  servers  in  one  enclosure.  Single  or  3-phase  input  with 

Ite-  110VAC.208VAC  or  mixed  110/208VAC  single-phase  outlet  receptacles. 

• 

S&law&i&'CDfr  Switched  CDU 


•s';  >' local  injiut  Current  Monitoring 


^^Pp>rt;CDU 

:;Jf5%l®r,al.Jnput  Current  Monitoring 

Temperature  and 

”  Power  Temperatures 


Switched  CDU 

>  Local  input  current  Monitoring 

>  Supports  External  Temperature  and 
Humidity  Probes 

>  IP  Monitoring  of  Power,  Temperatures 
and  Humidity 

>  Remote  Power  Control  of  Each  Outlet 
—  On  /  Off  /  Reboot 
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Monitor  the  REST  of  your  Computer  Room! 

~L 


•  Water  on  the  Floor 

•  Temperature 

•  Power  Problems 

•  Security 

•  Smoke  and  Fire 

•  Humidity 

•  Video 

•  And  much  more 


Sends  Monitors 

SNMP  64 

Messages  IP  addresses 


Power  Internal 

Outage  UPS 

Alarming 
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Dealers  Wanted 


Tel:  877-373-2700 
www.ims-4000.com 


Internal  Voice, 
Power  Ethernet  Modem 
Control  Port  &  Pager  Port 
Interface 


Sensor  Inputs 

(temperature,  Humidity, 
Water,  Motion ,  Power, 
Smoke/Fire) 

Expandable 


Microphone 

for  Sound 
Monitoring 


SENSAPHONE 
901  Tryens  Road 
Aston,  PA  19014 


The  Truth  about  Secure- 


Terminal  server  vendors,  who  proclaim  that 
they  have  Secure  But  Of  Band  products,  rely 
on  RADIUS,  TACACS+  and  other  in-band 
protocols  to  provide  security.  By  inference, 
they  imply  they  secure  out  of  band  access 
when,  in  tact,  they  offer  only  network : 
which  conflicts  with  out  of  hand  access 

A  true  Secure 
solution  should  provide  strong  security  without 
reliance  upon  network-based  protocols. 


GDI  offers: 

p— •  Hardware  encryption  over  dial-up  Full  NIST,  FIPS  140-2  certifications  •-r 

and  network  connections 

r-»  RSA  certified  SecurlD  authentication  Remote  Power  control 

without  a  network. 

p-*  Patented  central  management  of  all  Homologous  world-wide  approved  «-r 

remote  devices  internal  modems 

CDI  has  been  building  encryption  equipment  for  over  fifteen  years.  Our  customers  and  partners  include 
major  financial  institutions,  government  agencies,  major  telcos,  utilities,  and  the  United  States  military. 

Communication  Devices  Inc. 
www.outofbandmanagement.com 
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Version  7  Terabyte 


The  Smart  Choice  for  Text  Retrieval®  since  1991 

♦over  two  dozen  indexed, 
unindexed,  fielded  and  full-text 
search  options 


dtSearch 


4  r  h 


►  5  ML* 


♦  highlights  hits  in  HTML,  XML  and 
PDF  while  displaying  embedded 
links,  formatting  and  I1mEM53 

♦converts  other  file  types 
(word  processor,  database, 
spreadsheet,  email,  ZIP,  Unicode, 
etc.)  to  HTML  for  display  with 

highlighted  hits 


Reviews  of  dtSearch 

♦  “The  most  powerful  document  search 
tool  on  the  market”  —  Wired  Magazine 

♦  “dtSearch ...  leads  the  market” 

—  Network  Computing 

♦  “Blindingly  fast”  —  Computer  Forensics: 
Incident  Response  Essentials 

♦  “A  powerful  arsenal  of  search  tools” 
—  The  New  York  Times 

♦  “Super  fast,  super-reliable” 

—  The  Wall  Street  Journal 

♦  “Covers  all  data  sources ...  powerful 
Web-based  engines”  —  eWEEK 

..Jwww.iltsearch.com  lot  hundreds  ♦  “Searches  at  blazing  speeds" 
more  reviews  &  case  studies  -cmputon'seiie.Hm  rest  ante, 


-IT-FINDS  •  www.dtsearchTcom 


TAP  into  Performance 

netWOrkTAPs  ©  Monjtor  mission-critical  links  with  the 
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Qualcomm 


QUALCOMM  Incorporated 


QUALCOMM  Incorporated  is  a  leader  in  developing  and  delivering  innovative  digital  wireless  communications 
products  and  services  based  on  the  Company’s  CDMA  digital  technology.  Headquartered  in  San  Diego,  Calif., 
QUALCOMM  is  included  in  the  S&P  500  Index  and  is  a  2005  FORTUNE  500®  company  traded  on  The  Nasdaq  Stock 
Market®  under  the  ticker  symbol  QCOM. 
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Ceonex 

Ceonex  is  a  web  consulting  and  development  agency 
that  specializes  in  helping  companies  to  increase  con¬ 
version  online.  By  developing  and  using  highly 
advanced  methodologies  such  as  Quantemo™,  the 
world’s  first  known  scientific  approach  to  measuring 
emotional  reactions  and  mental  effort  on  a  web  site, 
Ceonex  enables  businesses  to  strengthen  their  com¬ 
petitive  advantage. 

(413)  663-9798  •  www.ceonex.com 
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introNetworks 

The  award-winning  introNetwork  System™  creates 
instant  online  communities  for  events,  tradeshows, 
publications,  associations,  corporate  meetings  and 
affinity  groups.  Users  profile  themselves  and  interac¬ 
tively  discover  their  best  matches.  Filtered  results  are 
displayed  graphically  to  pinpoint  valuable  connec¬ 
tions.  introNetworks  takes  the  work  out  of  network¬ 
ing.  Used  by  TED,  DEMO,  YPO,  PC  FORUM,  aditech 
and  many  others 
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Lenovo 

Lenovo  is  an  innovative,  international  technology 
company.  It  is  the  world’s  third-largest  PC  vendor, 
as  a  result  of  the  acquisition  of  the  IBM  Personal 
Computing  Division  by  Lenovo  Group.  The  transac¬ 
tion  was  completed  in  May  2005.  Lenovo  has  been 
the  number-one  PC  vendor  in  China  for  eight  consec¬ 
utive  years.  IBM's  PC  Division,  prior  to  becoming  part 
of  Lenovo,  was  ranked  third  in  the  global  market. 

(914)  701-2800  •  www.lenova.com 
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Many  Minds.  Singular  Results. 

Porter  Novelli 

Developing  a  communications  program  flexible 
enough  for  today’s  hypercompetitive  technology  mar¬ 
ket  requires  a  passionate,  diverse  team  that  works  as 
one.  Many  minds.  Singular  results.  This  is  Porter 
Novelli.  We  help  today’s  leading  technology  brands 
and  tomorrow’s  technology  innovators  reach  busi¬ 
ness  objectives  through  powerful  communications 
programs.  Learn  more  at  www.porternovelli.com 
(415)  975-2200  •  www.porternovelli.com 
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Vo!P 

continued  from  page  1 

more  quickly  and  efficiently 
using  Skype’s  VoIP  capabilities, 
not  to  tack  on  VoIP  as  a  separate 
unrelated  line  of  business. 

Because  Skype  is  a  peer-to-peer 
technology  that  also  supports 
video,  it  would  be  possible  to  link 
buyers  and  sellers  directly,  for 
example.  “Voice  is  the  dominant 
requirement  for  a  communica¬ 
tions  session,  but  voice  is  just  one 
thing  you  can  do  with  Skype,”  says 
Bob  Rosenberg,  president  of 
Insight  Research.“With  it  you  can 
create  your  own  application  envi¬ 
ronment  and  support  video.” 

While  Skype  may  allow  eBay  to 
do  business  in  new  ways,  it  does 
not  transform  eBay  into  a  phone 
company, says  Jeff  Kagan,  an  inde¬ 
pendent  telecommunications 
consultant.  “It  will  help  eBay 
expand  into  new  lines  of  business 
where  buyers  feel  more  comfort¬ 
able  buying  and  selling  big-ticket 
items  like  cars  and  houses.  It  will 
be  an  add-on  service  helping  to 
expand  their  traditional  online 
service,”  Kagan  says. 

So  rather  than  relying  on  eBay 
as  an  arbiter  of  trade  that  is  car¬ 
ried  out  online  and  via  e-mail, 
eBay  customers  will  use  Skype 
to  create  a  more  immediate  envi¬ 
ronment  in  which  to  do  business, 
says  David  Willis,  vice  president 
of  enterprise  communications 
for  Gartner’’  People  in  the  Middle 


East  typically  haggle  to 
get  the  price  they  want,” 
he  says.“Skype  will  allow 
eBay  customers  to  do 
that.” 

For  now,  the  bulk  of 
business  customers  and 
providers  are  light-years 
behind  eBay  on  the  VoIP 
innovation  scale,  accord¬ 
ing  to  research  that  will 
be  presented  at  VON. 
Businesses  want  bundles 
of  IP  services  that  are  less 
expensive  and  take  up 
less  administrative  time 
than  their  traditional  ser¬ 
vices,  according  to  the 
survey  by  Savatar  of  300  telecom 
decision  makers  at  small  and 
midsize  businesses.  They  are  not 
seeking  to  push  the  limits  of  the 
technology  to  create  new  ways  of 
doing  business  a  la  eBay  says 
John  Macario,  president  of 
Savatar. “They  say, ‘I’m  looking  for 
a  vendor  to  establish  that  they 
can  do  voice  really  well  before  I’d 
consider  buying  other  services 
from  them’”  he  says. 

Another  problem  is  that  busi¬ 
nesses  are  generally  unfamiliar 
with  the  broader  possibilities  of 
VoIP  says  Suke  Jawanda,  Savatar’s 
vice  president  of  marketing. 
Providers  don’t  make  it  easy  for 
customers  to  find  out  what  IP  ser¬ 
vices  they  offer  and  what  their 
benefits  are,  he  says.  When  asked 
where  they  would  go  to  find  out 
about  VoIP  services,  “A  lot  said,  ‘I 


Hot  just  VoIP 


Businesses  want  bundles  of  services  that 
augment  VoIP,  according  to  a  survey  of  300 
corporate  telecom  decision  makers. The 
executives  were  asked  what  other  services  they 
would  buy  from  their  VoIP  provider. 


Other  3% 
IM/presence  5% 
E-mail  18% 
Web  hosting  19% 

SOURCE:  SAVATAR 
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37% 


collaboration 

-  19% 


would  do  a  Google  and  see  what 
came  up’”  Jawanda  says. 

Larger  businesses  have  similar 
reservations.  For  instance,  3M  has 
looked  at  VoIP  and  failed  to  come 
up  with  a  compelling  reason  to 
convert,  says  Rick  Eaton,  telecom 
specialist  for  3M  in  Minneapolis, 
who  is  speaking  at  VON  about  ver¬ 
ifying  service-level  agreements. 

“We  recognize  there  is  value  in 
integrating  voice,  data  and  video 
onto  one  network  in  terms  of 
management  or  maybe  carrier 
services,  maybe  for  managing 
those  as  well.  But  the  path  is 
not  entirely  clear,”  Eaton  says. 
“We’re  looking  for  that  applica¬ 
tion  that  might  change  the  way 
we  do  business  and  really  add 
some  value.” 

Eaton  also  is  concerned  about 
threats  to  VoIP  availability  be- 


Shavlik  adds  anti-spyware 


cause  of  attacks  on 
the  shared  networks 
that  business  VoIP  runs 
over.  “We  had  a  situa¬ 
tion  two  weeks  ago 
where  we  were  infect¬ 
ed  by  a  virus  at  3M,” 
Eaton  says.  The  prob¬ 
lem  caused  some  data 
services  to  be  inacces¬ 
sible  for  several  hours. 
“Had  we  not  been 
able  to  make  phone 
calls  at  the  same  time, 
our  business  would 
have  come  to  an 
absolute  halt.” 

In  addition,  there 
are  potential  vulnerabilities 
unique  to  VoIP  that  can  threaten 
reliability.  For  instance,  some 
open  source  code  for  Session 
Initiation  Protocol  (SIP)  —  the 
signaling,  call  control  ,tand  pres¬ 
ence  software  for  many  VoIP 
networks  —  may  contain  vulnera¬ 
bilities,  according  to  a  study  to  be 
presented  at  VON  by  SecurityLab 
Technologies. 

Specifically,  the  SIP-X  Phone 
stack,  the  GNU  SIS-0  stack  and 
the  Vocal/Vovida  SIP  stack  could 
leave  any  device  based  on  these 
software  loads  vulnerable  to  a 
denial-of-service  attack,  or  a 
takeover  of  the  device,  allowing 
an  attacker  to  run  outside  code 
on  the  device,  says  Ejovi  Nuwere, 
CTO  for  SecurityLab.  Nuwere  says 
that  these  vulnerabilities  could 
leave  such  devices  as  IP  PBXs 
and  IP  phones,  VoIP  gateways, 
softswitches  or  PCs  running  soft- 
phone  clients  exposed.  “When  it 
comes  to  security  VoIP  is  basically 
in  1997,”  he  says. 

“The  vast  majority  of  VoIP 


devices  currently  being  sold  and 
used  are  based  on  the  same  foun¬ 
dations  and  the  same  stacks,” 
Nuwere  says.  Because  much  VoIP 
software  was  written  by  program¬ 
mers  several  years  ago,  mainly  by 
coders  with  backgrounds  in  the 
carrier  and  telecom  industries, 
the  newer  attack  methods  for 
hacking  IP  software  was  not  as 
much  a  concern,  he  says. 

Security  worries  are  shared  by 
businesses  considering  VoIP  ac¬ 
cording  to  a  recent  study  by  In- 
Stat.The  task  of  securing  VoIP  net¬ 
works  is  among  the  most  immedi¬ 
ate  concerns  of  IT  executives 
deploying  converged  networks, 
recent  research  shows.  According 
to  a  2005  survey  by  InStat,  75%  of 
companies  that  have  VoIP  de¬ 
ployed  plan  to  replace  their  fire¬ 
walls,  VPN  gateways  and  intru¬ 
sion-detection  systems  to  better 
support  converged  traffic.  The  re¬ 
search  firm  says  most  VoIP- 
focused  companies  plan  to 
implement  these  changes  over 
the  next  year. 

Service  providers  at  the  show  as 
well  as  equipment  vendors  are 
expected  to  tout  their  adoption  of 
a  network  standard  called  IP 
Multimedia  Subsystems  (IMS) 
that  is  meant  to  create  a  common 
IP  network  architecture  that  will 
enable  flexible,  quickly  created  IP 
services  based  on  products  made 
by  many  vendors. 

Convedia  and  Covergence  say 
they  will  announce  that  their  gear 
is  being  installed  in  specific  carri¬ 
er  networks,  but  would  not  say 
which  ones.  Other  vendors  plan 
to  announce  that  their  products 
either  comply  with  IMS  or  will  do 
so  soon.B 


BY  JOHN  FONTANA 

Shavlik  Technologies,  long  known  for  patch  man¬ 
agement  software,  is  adding  anti-spyware  capabilities 
to  its  platform. 

The  company  recently  released  Shavlik  NetChk 
Spyware,  a  stand-alone  application  that  lets  cus¬ 
tomers  detect  and  remove  spyware  from  any  server 
or  workstation  on  a  network  running  Windows  NT  or 
higher.  The  spyware  software  also  can  be  integrated 
with  Shavlik’s  HFNetChkPro,  a  patch  management 
piatform.The  integration  will  provide  users  with  one 
interface  for  managing  both  products. Shavlik  is  call¬ 
ing  the  integrated  product  Shavlik  NetChk  Protect, 
which  will  become  the  foundation  of  a  security 
management  line  of  products. Shavlik  intends  to  add 
Compliance  Manager  to  the  lineup  later  this  year. 

“It's  all  about  single  point  of  management,  and  one 
of  the  benefits  of  Shavlik  is  that  there  is  no  client  soft¬ 
ware,”  says  Jeff  Martin,  computer  resource  specialist 
at  the  University  of  California,  Riverside.  Shavlik  has 
built  its  Protect  suite  so  that  its  agent-less  and  agent 
technology  is  common  to  all  its  security  products.“If 
1  can  check  all  of  my  domain  controllers,  my  SQL 


server,  both  my  Exchange  servers  and  all  300  of  my 
clients  in  half  an  hour,  that  gives  me  more  time  to  do 
important  stuff.” 

Spyware  is  known  for  its  appetite  for  desktop 
resources  and  the  security  risks  it  can  open  on  a 
desktop.  According  to  the  National  Cyber  Security 
Alliance,  spyware  affects  80%  to  90%  of  desktops. 

With  the  Protect  suite,  users  get  an  all-in-one  con¬ 
sole  that  provides  vulnerability  discovery  and  report¬ 
ing  services.  From  the  console  users  can  run  multiple 
scans  for  both  patches  and  spyware. 

The  spyware  software  features  full  spyware 
removal,  which  eliminates  every  registry  key  and  file 
associated  with  the  spyware.  Users  can  schedule 
scans  at  specific  times  or  initiate  scans  on  demand. 

While  Microsoft  offers  an  anti-spyware  tool  for  the 
desktop.it  has  yet  to  develop  a  corporate  version  of 
the  software.  Shavlik  is  aiming  to  plug  that  gap.  It 
competes  with  BigFix,  PatchLink  and  others. 

NetChk  Spyware  runs  on  Windows  2000  and  above 
and  costs  $16  per  user  per  year  for  100  to  249  users. 
NetChk  Protect  is  priced  at  $31  per  user  for  the  same 
number  of  users.  ■ 
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Grid  in  Action:  Explore.  Adopt.  Deploy. 


GridWorld™  is  the  premier  B2B  conference 
focused  on  the  commercial  benefits  of  grid  computing 
for  Enterprise  IT  strategists,  worldwide. 
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Join  us  for  the  only 

educational  conference  to  help  Enterprise  IT 
professionals  build  a  business  case/road  map  for  the  enterprise. 


TWO  POWER  PACKED  DAYS  TACKLING  THE  LATEST  ISSUES  AROUND  GRID  DEPLOYMENT: 
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Learn  vicariously  from  a  large  multi-national  bank’s  global  Grid  deployment 

Explore  Software  Licensing  Models  for  Grids 
Understand  the  positive  implications  of  IT  as  a  Service 
Find  out  how  Grid  technology  is  speeding  up  the  early  stages  of  drug  discovery 
(plore  the  reality  and  future  of  Grids  in  the  context  of  related  technologies  like 

virtualization,  automation  and  service  orientation 
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Mark  Gibbs 


ast  week’s  column  dis¬ 
cussing  how  the 
Federal  Emergency 
Management  Agency’s 
Individual  Assistance 
Center  Web  site  required  people  filing  claims  to  use 
Microsoft’s  Internet  Explorer  6.0  generated  a  lot  of  feed¬ 
back. 

Reader  Gary  McMillian  wrote  that  this  obsession  with 
Internet  Explorer  isn’t  restricted  to  FEMA:“The 
[Department  of  Defense]  insists  on  [Internet.  Explorer] 
to  submit  invoices  through  their  new  Wide  Area  Work 
Flow  [WAWF]  system.  At  some  point  in  the  future  [the 
original  deadline  has  passed] ,  if  you  don’t  use  WAWF 
[and  Internet  Explorer]  then  you  won’t  be  able  to 
invoice  the  [Defense  Department]  and  receive  payment 
for  work  done.” 

But  that’s  not  all.  McMillian  continued:“To  add  to  the 
insult,  the  group  responsible  for  payments,  the  Defense 
Finance  and  Accounting  Service,  requires  [Internet 
Explorer]  to  access  their  invoice  inquiry  system.” 

He  agrees  that  legislation  is  required  to  keep  the  feder¬ 
al  government  from  mandating  use  of  a  particular  ven¬ 
dor’s  browser.  Me,  I  think  this  requirement  should  extend 
to  all  federal  and  state  government  departments  as  part 
of  a  larger  strategy  that  makes  government  information 
and  services  as  widely  accessible  as  possible  to  Internet 
users. 

But  not  all  readers  agreed.  David  Gray  wrote, “I’m  not  a 
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Internet  Explorer  required:  Your  comments 
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big  fan  of  government,  but  as  a  Webmaster  and  develop¬ 
er,  I  have  to  disagree  with  your  comments  regarding  gov¬ 
ernment  requiring  [Internet  Explorer]. What  would  you 
say  if  they  postponed  having  a  Web  site  to  make  sure  it 
was  compatible  with  the  10%  to  15%  of  the  other  users? 
I’m  sure  you’d  complain  that  they  don’t  have  a  Web  site! 

Having  a  Web  site  is  a  big  step  forward  and,  disregard¬ 
ing  the  question  of  whether  the  content  is  really  useful 
on  these  sites,  the  elephant-in-the-room-sized  issue  is  why 
is  the  FEMA  site  browser-specific?  We’re  talking  about  fill¬ 
ing  out  forms,  not  presenting  exotic  multimedia  content. 

A  possible  answer  is  that  FEMA,  like  the  Copyright 
Office,  uses  a  back-end  system  (the  Copyright  Office  uses 
Siebel)  that  doesn’t  integrate  with  anything  but  Internet 
Explorer.  I  can’t  imagine  how  or  why  this  limitation 
exists,  but  it  shows  a  remarkable  lack  of  foresight  on  the 
part  of  any  department  that  uses  such  restrictive  infra¬ 
structure  this  late  in  the  game. 

Even  so,  Gray  saw  this  glass  as  half  full:“This  is  govern¬ 
ment.  Be  happy  that  they  even  have  a  site  available!” 

I  also  got  a  note  from  reader  Wonko  the  Sane  (so  he 
claims)  that  pointed  out:  “You  don’t  have  to  go  back  far 
in  Internet  history  to  know  that  all  the  Requests  For 
Comment,  which  are  in  truth  the  de  facto  standards  of 
the  Internet,  must  be  submitted  in  plain  text  —  the  low¬ 
est  common  denominator  —  so  that  any  word  or  text 
processor  can  read  them.” 

He  continued, “the  fact  remains  that  plain  text  is  the 
rule.  If  the  basics  are  good  enough  for  the  Internet  itself, 


they  should  be  good  enough  for  everybody  else.” 

Wonko  pointed  out  that  “increasing  numbers  of  com¬ 
puter  users  are  moving  to  open  standards  such  as  Linux, 
and  those  institutions  who  insist  on  going  with  the  pro¬ 
prietary  flow  will  alienate  a  growing  number  of  cus¬ 
tomers.” 

Going  back  to  Gray,  he  also  raised  the  issue  that  we  live 
in  a  democracy  “in  which  the  majority  rules.  And  since 
85%  to  90%  of  users  use  [Internet  Explorer], I’d  say  [the 
government  is]  catering  to  the  majority  for  a  change.” 

I  must  again  disagree.  A  crucial  goal  of  government 
should  be  to  provide  service  to  the  greater  good,  which 
is,  in  fact,  an  objective  that  it  embraced  a  long  time  ago. 

In  pursuit  of  this  goal  the  government  mandated  Uni¬ 
versal  Service  for  telephones  and  provides  services  in 
more  than  just  English,  despite  English  being  the  majori¬ 
ty  language.  It  also  mandated  provision  for  handicapped 
access  despite  the  majority  being  able-bodied. 

So  when  it  comes  to  Web  browsers,  the  majority  are 
not  defined  by  having  IE6+  but  through  being  HTML  4- 
compatible.  Moreover,  don’t  you  think  in  the  litany  of 
world-class  screw-ups  that  characterized  the  govern¬ 
ment’s  response  to  the  New  Orleans  disaster,  the  fact  that 
this  Web  service  didn’t  exist  before  the  flood  shows  just 
how  disconnected  FEMA  has  become  from  the  job  it 
was  supposed  to  be  capable  of  doing? 

Your  answers  to  backspin@gibbs.com.  PS.  Check  out 
Gearblog  (www.networkworld.com/weblogs/gearblog/). 
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An  ugly  look  inside 

True  story  (or  so  I'm  told):  With  Web  mail  accounts 
strictly  prohibited  by  corporate  policy  and  the  ban 
enforced  by  filtering  software,  the  potential  customer 
assured  technicians  from  Reconnex  there  would  be  no 
need  to  check  for  this  particular  security  threat  as  part 
of  the  vendor’s  free  48-hour  e-Risk  Rapid  Assessment. 

No  harm  in  checking  anyway,  the  techs  assured  their  prospect. 

And,  of  course,  they  did  find  Web  mail,  the  first  of  which  bragged:  "Hey,  I  finally 
figured  out  a  way  to  get  around  this  ban  on  Web  mail.” 

Author  Dan  Verton,  a  former  Computerworld  re  porter,  has  collected  buckets  full  of 
such  tales  —  many  of  them  far  more  serious,  some  downright  criminal  —  in  his  new 
book  entitled  The  Insider:  A  True  Story.  While  every  IT  professional  already  knows 
that  security  threats  from  within  are  often  more  dangerous  than  those  kept  at  bay  by 
firewalls,  the  book  shines  a  spotlight  directly  on  the  depth  and  breadth  of  the  problem. 

There  are  examples  and  anecdotes  aplenty  plucked  from  today’s  headlines  and 
recent  history  —  who  knew  that  the  cosmetics  industry  was  so  cutthroat?  But  the 
book’s  most  telling  tales  are  gleaned  from  the  first  50  of  those  risk  assessments 


conducted  by  Reconnex,  a  start-up  headed  by  veteran  entrepreneur  Don  Massaro. 

"This  is  real  live  information  taken  from  large  companies  and  agencies,  and  in 
some  cases  where  the  person  who's  doing  the  criminal  activity  has  not  been 
caught,”  says  Verton,  whose  previous  books  include  Black  Ice:  The  Invisible  Threat 
of  Cyber-Terrorism.  “This  is  what’s  really  happening  behind  the  firewalls.” 

A  pretty  picture  it  isn’t,  either  for  the  IT  executives  learning  the  unvarnished  truth  or 
the  wayward  employees  caught  red-handed  abusing  company  networks  and  ignoring 
policies. 

"On  many  of  these  occasions  somebody  —  or  multiple  people  —  ended  up  getting 
fired  as  a  result  of  the  data  that  was  found,”  Verton  says. 

"One  of  the  cases  really  stands  out  in  my  mind.  It  was  a  major  government  agency 


that  was  just  completely  drowning  in  pornography  and  gambling  sites  and  all  kinds 
of  inappropriate  content.They  thought  they  had  tools  that  were  blocking  access  to 
this  stuff. They  found  so  much  hate  and  racist  content  and  pornographic  content 
that  the  people  who  were  in  the  room  from  the  agency  when  they  got  their  briefing 
basically  had  to  get  up  and  leave  —  it  was  that  bad."' 

One  major  advantage  of  the  Reconnex  reports  is  that  the  information  is  provided 
in  a  format  that’s  easily  digestible  by  not  only  IT  executives  but  also  business  man¬ 
agers,  according  to  Verton. 

"You  don’t  have  to  be  an  IT  security  expert;  it’s  not  bits  and  bytes,"  he  says. 
“Managers  can  do  the  live  forensics  on  this  data  and  you  can  see  the  e-mails,  you  can 
see  the  content  of  Web  postings,  you  can  see  the  content  of  FTP  traffic,  of  instant 
messages,  of  attachments  of  all  kinds,  including  encrypted  attachments.  You  get  this 
report  after  two  days,  and  whether  you  buy  [the  Reconnex  risk  management  products] 
or  not,  you  now  know  instantly  the  scale  of  the  problem  inside  your  organization.’' 

One  company  that  felt  fairly  confident  in  its  policy  that  everything  be  encrypted  — 
100%  —  was  startled  to  learn  that  less  than  20%  was  actually  under  lock  and  key. 

Banks  were  learning  that  their  employees  were  virtually  opening  the  vaults  to  identity 
thieves  by  ignoring  policies  governing  e-mail  correspondence  with  customers. 

"They  had  no  idea  that  the  extent  of  the  problem  was  such  that  the  employees 
were  telling  customers,  ‘Yes,  we’d  love  to  help  you  open  that  account;  send  me  your 
name,  address,  Social  Security  number,  current  bank  account  number,  routing  num¬ 
ber—  all  this  stuff  via  unencrypted  e-mail.These  are  at  major  companies  with  tens 
of  billions  of  dollars  of  assets  under  their  control,"  Verton  says. 

Near  the  end  of  our  chat,  I  asked  Verton  whether  any  of  the  50  risk  assessment 
reports  he  read  painted  a  picture  of  an  organization  fully  in  control  of  its  insider 
threat  vulnerabilities. 

Answer:  "No.” 

There's  no  risk  in  letting  me  know  what  you  think.  The  address  is  buzz@nww.com. 
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Can  your 
network 
transform  your 
business? 


EVOLVE  AT  WILL.  Can  your  network  turn  a  tight  race  into  a  commanding  lead?  Can  it 
move  quickly  into  global  markets,  help  drive  down  costs  and  be  nimble  in  the  face  of 
changing  competition?  Can  it  offer  both  ultra-flexible  IP-VPNs  and  business  continuity 
services?  Can  it  deliver  innovative  security  and  IP  management  expertise?  With 
networking  solutions  from  AT&T,  you  can  integrate  your  entire  value  chain  into  a  single, 
globally  networked  community.  So  not  only  will  your  enterprise  be  able  to  reach  the 
entire  world — it  might  even  be  capable  of  changing  it.  CAN  YOUR  NETWORK  DO  THIS? 


AT&T 

The  world's  networking  company5 


To  find  out  how  AT&T’s  networking  solutions 
can  help  evolve  the  way  you  do  business,  go  to: 

att.com/transform 
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